Had been renewing ok for a few years
Am able to read extension-less files in acme-challenge folder on port 80 on remote system eg.
http://www.midlibrary.org/.well-known/acme-challenge/_v9QH54kCgnPYySBd_TIs65ojAdvbfxOaCKdfi1DV1M
letsdebug.net claims all ok
Let's Debug
although, in details states:
[LetsEncryptStaging]
Challenge update failures for www.midlibrary.org in order https://acme-staging-v02.api.letsencrypt.org/acme/order/5751349/3661752444
acme: error code 403 "urn:ietf:params:acme:error:unauthorized": 24.196.137.74: Invalid response from http://www.midlibrary.org/.well-known/acme-challenge/Rfum0zZYQXXoVRYaXbJHj1MNew0W4fX-s210v0CIgUc: 403
Firewall shows no blocks in log
My domain is: www.midlibrary.org
I ran this command: wacs.exe --renew --baseuri "https://acme-v02.
api.letsencrypt.org/" --verbose
It produced this output:
[DBUG] Scanning IIS bindings for hosts
[VERB] 12 named bindings found in IIS
[DBUG] Filtering based on binding type
[DBUG] Filtering by site(s) [2]
[VERB] 3 bindings remaining after site filter
[DBUG] Filtering by host: ^(www.midlibrary.org)$
[VERB] 1 bindings remaining after host filter
[VERB] 1 matching binding found
[DBUG] Scanning IIS sites
[VERB] Source converted into 1 order(s)
[VERB] Checking [IIS] midlibrary.org, www.midlibrary.org
[DBUG] Reading certificate cache
[VERB] v3 cache key not found, fall back to v2
[INFO] Renewing [IIS] midlibrary.org, www.midlibrary.org
[DBUG] Previous certificate found at C:\ProgramData\win-acme\acme-v02.api.letse
ncrypt.org\Certificates\llAXvcQ7L0uYK8tqnIgfpQ-80f32422d4d81331cc69304d00b28e75d
82de754-temp.pfx
[DBUG] Reading certificate cache
[VERB] v3 cache key not found, fall back to v2
[VERB] Obtain order details for Main
[DBUG] Refreshing cached order
[DBUG] Refreshing order...
[DBUG] Send POST to https://acme-v02.api.letsencrypt.org/acme/order/122827994/1
16465708317
[VERB] Request completed with status OK
[WARN] Cached order has status invalid, discarding
[VERB] Creating order for hosts: ["DnsName: www.midlibrary.org"]
[DBUG] Send POST to https://acme-v02.api.letsencrypt.org/acme/new-order
[VERB] Request completed with status Created
[VERB] Order https://acme-v02.api.letsencrypt.org/acme/order/122827994/11648039
8987 created
[DBUG] Send POST to https://acme-v02.api.letsencrypt.org/acme/authz-v3/14239038
3437
[VERB] Request completed with status OK
[WARN] Unable to scan for services
[WARN] Unable to scan for services
[VERB] Handle authorization 1/1
[WARN] Unable to scan for services
[INFO] [www.midlibrary.org] Authorizing...
[VERB] [www.midlibrary.org] Initial authorization status: pending
[VERB] [www.midlibrary.org] Challenge types available: ["http-01", "dns-01", "t
ls-alpn-01"]
[VERB] [www.midlibrary.org] Initial challenge status: pending
[INFO] [www.midlibrary.org] Authorizing using http-01 validation (FileSystem)
[VERB] Writing file to C:\inetpub\wwwroot\midlibrary.well-known\acme-challenge
\PGfCYAuACYKRq_6mihyFSh2ye7o0CsdsYZY83yLd87w
[DBUG] Writing web.config
[VERB] Writing file to C:\inetpub\wwwroot\midlibrary.well-known\acme-challenge
\web.config
[INFO] Answer should now be browsable at http://www.midlibrary.org/.well-known/
acme-challenge/PGfCYAuACYKRq_6mihyFSh2ye7o0CsdsYZY83yLd87w
[DBUG] Send GET to http://www.midlibrary.org/.well-known/acme-challenge/PGfCYAu
ACYKRq_6mihyFSh2ye7o0CsdsYZY83yLd87w
[VERB] Request completed with status OK
[INFO] Preliminary validation looks good, but the ACME server will be more thor
ough
[VERB] Starting commit stage
[VERB] Commit was succesful
[DBUG] [www.midlibrary.org] Submitting challenge answer
[DBUG] Send POST to https://acme-v02.api.letsencrypt.org/acme/chall-v3/14239038
3437/xx1Awg
[VERB] Request completed with status OK
[DBUG] Refreshing authorization (1/15)
[DBUG] Send POST to https://acme-v02.api.letsencrypt.org/acme/chall-v3/14239038
3437/xx1Awg
[VERB] Request completed with status OK
[EROR] [www.midlibrary.org] Authorization result: invalid
[EROR] [www.midlibrary.org] {
"type": "urn:ietf:params:acme:error:unauthorized",
"detail": "216.250.0.78: Invalid response from http://www.midlibrary.org/.well
-known/acme-challenge/PGfCYAuACYKRq_6mihyFSh2ye7o0CsdsYZY83yLd87w: 403",
"status": 403
}
[VERB] Starting post-validation cleanup
[DBUG] Deleting files
[VERB] Deleting file C:\inetpub\wwwroot\midlibrary.well-known\acme-challenge\P
GfCYAuACYKRq_6mihyFSh2ye7o0CsdsYZY83yLd87w
[VERB] Post-validation cleanup was succesful
[INFO] [www.midlibrary.org] Deactivating pending authorization
[DBUG] Send POST to https://acme-v02.api.letsencrypt.org/acme/authz-v3/14239038
3437
[VERB] Request completed with status OK
[VERB] Order 1/1 (Main): error
[VERB] Processing order 1/1: Main
[EROR] Renewal for [IIS] midlibrary.org, www.midlibrary.org failed, will retry
on next run
[VERB] Exiting with status code -1
My web server is (include version): IIS 6.1
The operating system my web server runs on is (include version): Win server 2008R2
My hosting provider, if applicable, is: (self)
I can login to a root shell on my machine (yes or no, or I don't know): Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot): (win-acme v 2.1.22.1289)