Renew Certificate in a Tier 0 Net

Maik · June 14, 2021, 12:55pm

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.compbees.de

I ran this command: win-acme

It produced this output: DNS problem: NXDomain looking up A for compbees.de - check that a DNS record exists for this domain", "status":

My web server is (include version): IIS 10

The operating system my web server runs on is (include version): Windows Server 2019 Standard

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): win-acme

Nekit · June 14, 2021, 1:08pm

$ whois compbees.de
Domain: compbees.de
Status: free

Looks like this domain is not registered at all. You sure there's no typo?

Maik · June 14, 2021, 1:15pm

Hi, to the scenario. I d like to automate the certificates via Lets Encrypt for my work. So i created at home a test environment in hyper-v. Only 1 Server with IIS. I have an Active Directory and configured the webserver. i created a binding to Port 80 and Port 443 to this site. I ve created a CNAME in my local DNS for the site.
But it doesnt work wit win-Acme, because i want to automate the certificate renew.

Did i forget anything? Thx in advance.

Nekit · June 14, 2021, 1:18pm

In order to get publicly trusted tls certificate you need to prove control of publicly resolvable domain name. It appears that the domain you are trying to get certificates for is not registered at all, hence you won't be able to get certificates from Let's Encrypt or any other publicly trusted CA for that matter.

More info here:

Maik · June 14, 2021, 1:33pm

Thx, so there are some more steps to do.

rg305 · June 14, 2021, 9:40pm

Or don't use a publicly trusted CA.
There are several private CAs might be helpful for your testing - until your automation is working.

system · July 14, 2021, 9:40pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Certificate renewal on IIS 8 Help	5	1496	December 22, 2021
How to renew my certificate Help	5	633	June 14, 2020
Certificate renewal Help	20	8148	October 9, 2021
Renew expired certificate on windows server2019 Help	3	4198	May 23, 2022
Update to ACMEv2 and point to right infos to renew certs Help	6	1505	November 29, 2021

Renew Certificate in a Tier 0 Net

Related topics