Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:scoreb.org
I ran this command:
It produced this output:
My web server is (include version):Windows 2022
The operating system my web server runs on is (include version): IIS 8
There is an immediate IIS rewrite to a dif domain Is that preventing the installation or renewal of the cert?
Hello @gregrossscore, welcome. 
What ACME Client are you using?
(here is a list, probably not all, of ACME Clients ACME Client Implementations - Let's Encrypt)
1 Like
@gregrossscore, Also from here SSL Server Test: scoreb.org (Powered by Qualys SSL Labs)
I see OCSP stapling Yes, you might need to turn that off in IIS.
1 Like
It did for me with nginx on FreeBSD.
OCSP has changed for Let's Encrypt moving to CRLs. Please see this:
1 Like
Not if you make the correct certificate request.
Your domain is correctly using a GlobalSign certificate that does not expire until Dec 2025.
The most recent Let's Encrypt cert I see expired in Nov 2023. Is that what you are trying to "renew"?
Please provide more explanation of what you did and what you are trying to do.
2 Likes
I switched to GlobalSign when the LE would not automatically renew. I want to go back to LE if I can to get the automatic renewal.
I want to understand why it failed and to correct it. I was thinking it was because no access to the url ever gets to it because of the IIS rewrite
Okay, good, thanks
What was the program you used and what was its version?
What command did you use to request the certificate?
1 Like