Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:cg.ru
I ran this command:wacs.exe --target manual --host mail.cg.ru,pool.cg.ru,autodiscover.cg.ru,cg-sr-exch.cg.ru --certificatestore My --acl-fullcontrol “network service,administrators” --installation iis,script --installationsiteid 1 --script “./Scripts/ImportExchange.ps1” --scriptparameters “’{CertThumbprint}’ ‘IIS,SMTP,IMAP’ 1 ‘{CacheFile}’ ‘{CachePassword}’ ‘{CertFriendlyName}’”
It produced this output:
A simple Windows ACMEv2 client (WACS)
Software version 2.1.9.870 (RELEASE, PLUGGABLE)
ACME server https://acme-v02.api.letsencrypt.org/
IIS version 10.0
Running with administrator credentials
Scheduled task looks healthy
Please report issues at https://github.com/win-acme/win-acme
Running in mode: Unattended
Target generated using plugin Manual: mail.cg.ru and 3 alternatives
Overwriting previously created renewal
[autodiscover.cg.ru] Authorizing…
[autodiscover.cg.ru] Authorizing using http-01 validation (SelfHosting)
[cg-sr-exch.cg.ru] Authorizing…
[cg-sr-exch.cg.ru] Authorizing using http-01 validation (SelfHosting)
[mail.cg.ru] Authorizing…
[mail.cg.ru] Authorizing using http-01 validation (SelfHosting)
[pool.cg.ru] Authorizing…
[pool.cg.ru] Authorizing using http-01 validation (SelfHosting)
[autodiscover.cg.ru] Authorization result: invalid
[autodiscover.cg.ru] {
“type”: “urn:ietf:params:acme:error:connection”,
“detail”: “Fetching http://autodiscover.cg.ru/.well-known/acme-challenge/FZbjBDbDplMebl7WUniRIz8iCNLcjzXekRcPNbfLpso: Connection refused”,
“status”: 400
}
[cg-sr-exch.cg.ru] Authorization result: invalid
[cg-sr-exch.cg.ru] {
“type”: “urn:ietf:params:acme:error:connection”,
“detail”: “Fetching http://cg-sr-exch.cg.ru/.well-known/acme-challenge/vrA7iY__2PgD0Agy6rl6j1hjJ6N_nvPVnyfEf6mPzbc: Connection refused”,
“status”: 400
}
[mail.cg.ru] Authorization result: invalid
[mail.cg.ru] {
“type”: “urn:ietf:params:acme:error:connection”,
“detail”: “Fetching http://mail.cg.ru/.well-known/acme-challenge/zRk2WRBq-mk-2KC-nVBQWGZq_IFe-Ezi8uPmAN0saS8: Connection refused”,
“status”: 400
}
[pool.cg.ru] Authorization result: invalid
[pool.cg.ru] {
“type”: “urn:ietf:params:acme:error:connection”,
“detail”: “Fetching http://pool.cg.ru/.well-known/acme-challenge/jYvHOqSdovxSRDIPtwM55sD8UmE6e127N6cGQmpafdw: Connection refused”,
“status”: 400
}
Create certificate failed: [autodiscover.cg.ru] Validation failed
- [cg-sr-exch.cg.ru] Validation failed
- [mail.cg.ru] Validation failed
- [pool.cg.ru] Validation failed
C:\LetsEncrypt>
The operating system my web server runs on is (include version):winserver 2019
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):Software version 2.1.9.870
I am trying to create a SSL certificate for Exchange Server 2019. Here is such an error, what am I doing wrong?