Ssl on iis 10 and exchange 2019

My domain is:
mail.gazelkin.ru
I ran this command:

wacs.exe --target manual --host mail.gazelkin.ru,exc.gazelkin.ru,autodiscover.gazelkin.ru --store centralssl --centralsslstore “C:\Central SSL” --installation iis,script --installationsiteid 1 --script “./Scripts/ImportExchange.ps1” --scriptparameters “’{CertThumbprint}’ ‘IIS,SMTP,IMAP’ 1 ‘{CacheFile}’ ‘{CachePassword}’ ‘{CertFriendlyName}’”

It produced this output:

A simple Windows ACMEv2 client (WACS)
Software version 2.1.10.896 (RELEASE, PLUGGABLE)
ACME server https://acme-v02.api.letsencrypt.org/
IIS version 10.0
Running with administrator credentials
Scheduled task is disabled
Scheduled task exists but does not look healthy
Please report issues at https://github.com/win-acme/win-acme
Running in mode: Unattended
Target generated using plugin Manual: mail.gazelkin.ru and 2 alternatives
Unable to decrypt configuration value, may have been written by a different machine.
Overwriting previously created renewal

[exc.gazelkin.ru] Authorizing…
[exc.gazelkin.ru] Authorizing using http-01 validation (SelfHosting)
[exc.gazelkin.ru] Authorization result: invalid
[exc.gazelkin.ru] {
“type”: “urn:ietf:params:acme:error:unauthorized”,
“detail”: “Invalid response from https://exc.gazelkin.ru/.well-known/acme-challenge/_ncbQ8TX5xtW38Y_AD_GXmV4fuo9RnJBDXHneVwaRkw [77.243.83.103]: 404”,
“status”: 403
}
Create certificate failed: [exc.gazelkin.ru] Validation failed

My web server is (include version):
IIS 10
The operating system my web server runs on is (include version):
Windows 2019

Exchange 2019

I created the file manually and it is available https://exc.gazelkin.ru/.well-known/acme-challenge/va

whats wrong?

Are you using the manual target because you’re load balancing? If not it’s generally it’s better to let the app do all the work for validation.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.