The Lets Encrypt ACME server was probably unable to reach (Let’s Encrypt with Azure PaaS + Umbraco CMS)


#1

Hi,
I have configured the Let’s Encrypt extensions in to Azure web app.
When I trying to generate SSL certs for the custom domains, I’m getting below error.

Server Error in ‘/letsencrypt’ Application.


The Lets Encrypt ACME server was probably unable to reach http://www.up-cart.com.au/.well-known/acme-challenge/O0KWZtuDPH3rERh_LgZZSwCUbvCGw16LVb7IBLNlOm8 view error report from Lets Encrypt at https://acme-v01.api.letsencrypt.org/acme/authz/F83rmvWpl2qRfhkjpq2fhse5c64MCKpR0OglOMmqOOc for more information
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Exception: The Lets Encrypt ACME server was probably unable to reach http://www.up-cart.com.au/.well-known/acme-challenge/O0KWZtuDPH3rERh_LgZZSwCUbvCGw16LVb7IBLNlOm8 view error report from Lets Encrypt at https://acme-v01.api.letsencrypt.org/acme/authz/F83rmvWpl2qRfhkjpq2fhse5c64MCKpR0OglOMmqOOc for more information

Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

[Exception: The Lets Encrypt ACME server was probably unable to reach http://www.up-cart.com.au/.well-known/acme-challenge/O0KWZtuDPH3rERh_LgZZSwCUbvCGw16LVb7IBLNlOm8 view error report from Lets Encrypt at https://acme-v01.api.letsencrypt.org/acme/authz/F83rmvWpl2qRfhkjpq2fhse5c64MCKpR0OglOMmqOOc for more information]
LetsEncrypt.Azure.Core.Services.d__5.MoveNext() in J:\Projects\letsencrypt-siteextension\LetsEncrypt.SiteExtension.Core\Services\BaseHttpAuthorizationChallengeProvider.cs:121
System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() +26
LetsEncrypt.Azure.Core.Services.d__5.MoveNext() in J:\Projects\letsencrypt-siteextension\LetsEncrypt.SiteExtension.Core\Services\BaseHttpAuthorizationChallengeProvider.cs:131
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
LetsEncrypt.Azure.Core.Services.d__5.MoveNext() in J:\Projects\letsencrypt-siteextension\LetsEncrypt.SiteExtension.Core\Services\AcmeService.cs:41
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
LetsEncrypt.Azure.Core.d__12.MoveNext() in J:\Projects\letsencrypt-siteextension\LetsEncrypt.SiteExtension.Core\CertificateManager.cs:173
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
LetsEncrypt.Azure.Core.d__13.MoveNext() in J:\Projects\letsencrypt-siteextension\LetsEncrypt.SiteExtension.Core\CertificateManager.cs:186
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
LetsEncrypt.SiteExtension.Controllers.d__7.MoveNext() +595
System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) +99
System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) +58
System.Web.Mvc.Async.TaskAsyncActionDescriptor.EndExecute(IAsyncResult asyncResult) +97
System.Web.Mvc.Async.<>c__DisplayClass37.b__36(IAsyncResult asyncResult) +17
System.Web.Mvc.Async.WrappedAsyncResult1.CallEndDelegate(IAsyncResult asyncResult) +10 System.Web.Mvc.Async.WrappedAsyncResultBase1.End() +49
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethod(IAsyncResult asyncResult) +32
System.Web.Mvc.Async.AsyncInvocationWithFilters.b__3d() +50
System.Web.Mvc.Async.<>c__DisplayClass46.b__3f() +228
System.Web.Mvc.Async.<>c__DisplayClass33.b__32(IAsyncResult asyncResult) +10
System.Web.Mvc.Async.WrappedAsyncResult1.CallEndDelegate(IAsyncResult asyncResult) +10 System.Web.Mvc.Async.WrappedAsyncResultBase1.End() +49
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethodWithFilters(IAsyncResult asyncResult) +34
System.Web.Mvc.Async.<>c__DisplayClass2b.b__1c() +26
System.Web.Mvc.Async.<>c__DisplayClass21.b__1e(IAsyncResult asyncResult) +100
System.Web.Mvc.Async.WrappedAsyncResult1.CallEndDelegate(IAsyncResult asyncResult) +10 System.Web.Mvc.Async.WrappedAsyncResultBase1.End() +49
System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeAction(IAsyncResult asyncResult) +27
System.Web.Mvc.Controller.b__1d(IAsyncResult asyncResult, ExecuteCoreState innerState) +13
System.Web.Mvc.Async.WrappedAsyncVoid1.CallEndDelegate(IAsyncResult asyncResult) +29 System.Web.Mvc.Async.WrappedAsyncResultBase1.End() +49
System.Web.Mvc.Controller.EndExecuteCore(IAsyncResult asyncResult) +36
System.Web.Mvc.Controller.b__15(IAsyncResult asyncResult, Controller controller) +12
System.Web.Mvc.Async.WrappedAsyncVoid1.CallEndDelegate(IAsyncResult asyncResult) +22 System.Web.Mvc.Async.WrappedAsyncResultBase1.End() +49
System.Web.Mvc.Controller.EndExecute(IAsyncResult asyncResult) +26
System.Web.Mvc.Controller.System.Web.Mvc.Async.IAsyncController.EndExecute(IAsyncResult asyncResult) +10
System.Web.Mvc.MvcHandler.b__5(IAsyncResult asyncResult, ProcessRequestState innerState) +21
System.Web.Mvc.Async.WrappedAsyncVoid1.CallEndDelegate(IAsyncResult asyncResult) +29 System.Web.Mvc.Async.WrappedAsyncResultBase1.End() +49
System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult) +28
System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result) +9
System.Web.CallHandlerExecutionStep.OnAsyncHandlerCompletion(IAsyncResult ar) +129

Can anyone tell me what the problem is?


#2

The client you’re using is attempting to utilize the http-01 challenge, also known as webroot. To issue a certificate, it will place a challenge file in the /.well-known/acme-challenge directory of your web root folder. This challenge file must be accessible from that location on your domain. It seems that an HTTP GET request to http://www.up-cart.com.au/.well-known/acme-challenge/...[long-filename]... did not return that file, but instead returned a 404 error.

How to fix that depends on how you’re attempting this, but chances are there’s some way to point it to the right directory, which you’ll need to do


#3

Hi Jared,

Thanks for pointing into the correct track.

My Azure WebApp setup with Umbraco CMS.

The problem is that Umbraco is takeover that path “~/.well-known/acme-challenge/…” and trying to route you to a document and failing to find one.

Fix: add new entries to the web.config file.

<appSettings>
	
	<add key="umbracoReservedPaths" value="~/umbraco,~/install/,~/.well-known" />
	
</appSettings>

<system.webServer>
	
	<staticContent>
		  <remove fileExtension="." />
		  <mimeMap fileExtension="." mimeType="text/plain" />
		
	</staticContent>
	
</system.webServer>

#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.