Some challenges have failed

I have create a Acme server on Venafi and using CertBOT client for cert automation. However Venafi supports says this Certbot client issue.Port 80 is checked and it is on place. A record is in place. Please suggest if.

My domain is:Sxxxxx2.xxxx.xxxx

I ran this command:certbot certonly --webroot --server --cert-name FirstACMETEST --domains SESrrrfgklh.xxxxx --webroot-path "C:\inetpub\wwwroot

It produced this output:Saving debug log to C:\Certbot\log\letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Requesting a certificate for
Performing the following challenges:
http-01 challenge for xxxxxxxxxxxx
Using the webroot path C:\inetpub\wwwroot for all unmatched domains.
Waiting for verification...
e[31mChallenge failed for domain xxxxxxxxxxe[0m
Cleaning up challenges
e[31mSome challenges have failed.e[0m

My web server is (include version): Windows server 2016 standard

The operating system my web server runs on is (include version):Windows server 2016 standard

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):certbot 1.15.0

You may need to first create c:\inetpub\wwwroot\.well-known\web.config with these contents:

<?xml version="1.0" encoding="UTF-8"?>
             <mimeMap fileExtension="." mimeType="text/xml" />

Otherwise, IIS won't want to serve the challenge files up.

(This is all assuming the Ericsson ACME server can resolve your domain - it's not resolving in normal DNS).

Yes created a web.config file as stated and placed it on. C:\inetpub\wwwroot.well-known\acme-challenge but still didn't work. Yes DNS is resolving from ACME server

I see.

To check if the web.config file is working, you could try manually create this file (with no file extension):


and then try access it in your browser at

If that works, Certbot should work too.

1 Like

Hi @Rapi

that's not a Letsencrypt relevant question. So this forum is the wrong place.


Is that ACME-v1? If yes, that may not work with a new Certbot.

Thanks! Well It is V1 and it worked on Linux. Is the restriction for Windows machine specifically

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.