My domain is: fp.transmar.fi
I ran this command/ It produced this output:
C:\Program Files (x86)\LetsEncryptWACS2>wacs.exe --renew --verbose --baseuri "https://acme-v02.api.letsencrypt.org/"
[VERB] Verbose mode logging enabled
[VERB] Looking for settings.json in C:\Program Files (x86)\LetsEncryptWACS2
[DBUG] Config folder: C:\ProgramData\win-acme\acme-v02.api.letsencrypt.org
[DBUG] Log path: C:\ProgramData\win-acme\acme-v02.api.letsencrypt.org\Log
[DBUG] Cache path: C:\ProgramData\win-acme\acme-v02.api.letsencrypt.org\Certificates
[INFO] A simple Windows ACMEv2 client (WACS)
[INFO] Software version 2.1.2.641 (RELEASE, PLUGGABLE)
[INFO] IIS version 10.0
[INFO] Running with administrator credentials
[INFO] Scheduled task looks healthy
[INFO] Please report issues at GitHub - win-acme/win-acme: A simple ACME client for Windows (for use with Let's Encrypt et al.)
[VERB] Test for international support: 語言 язык لغة
[VERB] Verbose mode logging enabled
[VERB] Arguments: --renew --verbose --baseuri https://acme-v02.api.letsencrypt.org/
[DBUG] Renewal period: 55 days
[VERB] Checking renewals
[VERB] Sending e-mails False
[DBUG] Scanning IIS site bindings for hosts
[VERB] 1 named bindings found in IIS
[DBUG] Filtering by site(s) [1]
[VERB] 1 bindings remaining after site filter
[DBUG] Filtering by host: ^(fp.transmar.fi)$
[VERB] 1 bindings remaining after host filter
[VERB] 1 matching bindings found
[VERB] Checking [IIS] site 1 fp.transmar.fi
[INFO] Renewing certificate for [IIS] site 1 fp.transmar.fi
[VERB] Loading ACME account signer...
[DBUG] Loading signer from C:\ProgramData\win-acme\acme-v02.api.letsencrypt.org\Signer_v2
[VERB] Constructing ACME protocol client...
[DBUG] Send GET request to https://acme-v02.api.letsencrypt.org/directory
[VERB] Request completed with status OK
[DBUG] Send HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce
[VERB] Request completed with status OK
[DBUG] Loading account information from C:\ProgramData\win-acme\acme-v02.api.letsencrypt.org\Registration_v2
[DBUG] Send POST request to https://acme-v02.api.letsencrypt.org/acme/new-order
[VERB] Request completed with status Created
[DBUG] Send POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/85870921400
[VERB] Request completed with status OK
[INFO] Authorize identifier: fp.transmar.fi
[INFO] Authorizing fp.transmar.fi using http-01 validation (SelfHosting)
[DBUG] Submitting challenge answer
[DBUG] Send POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/85870921400/D_wFjg
[VERB] Request completed with status OK
[VERB] SelfHosting plugin serving file /.well-known/acme-challenge/tKpudGpcxiM2J68Fot97K21iQLQn5Sn3q2PKZEu6Pms
[VERB] SelfHosting plugin serving file /.well-known/acme-challenge/tKpudGpcxiM2J68Fot97K21iQLQn5Sn3q2PKZEu6Pms
[VERB] SelfHosting plugin serving file /.well-known/acme-challenge/tKpudGpcxiM2J68Fot97K21iQLQn5Sn3q2PKZEu6Pms
[DBUG] Refreshing authorization (1/4)
[DBUG] Send POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/85870921400/D_wFjg
[VERB] Request completed with status OK
[DBUG] Refreshing authorization (2/4)
[DBUG] Send POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/85870921400/D_wFjg
[VERB] Request completed with status OK
[DBUG] Refreshing authorization (3/4)
[DBUG] Send POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/85870921400/D_wFjg
[VERB] Request completed with status OK
[DBUG] Refreshing authorization (4/4)
[DBUG] Send POST request to https://acme-v02.api.letsencrypt.org/acme/chall-v3/85870921400/D_wFjg
[VERB] Request completed with status OK
[EROR] Authorization result: pending
[EROR] Renewal for [IIS] site 1 fp.transmar.fi failed, will retry on next run
[VERB] Exiting with status code 0
My web server is (include version): IIS 10
The operating system my web server runs on is (include version): Windows Server 2016 (self hosted)
This is an installation that has updated nicely with a scheduled task for quite a while with only the occasional hiccup, but now I only get the pending result above. The situation isn't dire, as the cert expires on the 17th, but it's getting to the point I'd like to get it sorted.
The error at the end about pending tells me pretty much nothing, and crt.sh just shows the existing cert being issued in December.
As far as I know nothing has changed on the machine beyond security patching and the like in some months.