Trouble getting cert on Windows without IIS (Gitea)

My domain is: example.domain.dev

I ran this command: Certify the Web Test

It produced this output:

  • Querying the state of IIS failed
  • Built-in Http challenge server process unavailable
  • The website root path for example.domain.dev could not be determined. Request cannot continue.

My web server is (include version): Gitea 1.12.3

The operating system my web server runs on is (include version): Windows Server 2019

My hosting provider, if applicable, is: AWS

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 5.1.3.0

Has anyone ever successfully acquired a cert with Gitea? They have a section in their docs that talks about LetsEncrypt, but I cannot get it to work. I can’t figure out how to get Gitea to serve the .well-known content. Gitea logs an error “GetUserByName: User does not exist [name: .well-known]”.

Would appreciate any tips.

Is there a way to specify the “website root path”?

The Gitea doc you linked to implies that it has native support for Let’s Encrypt built-in. You don’t need to use a separate client like Certify the Web as long as you have your DNS and routing setup properly so that your server running Gitea is reachable from the Internet on port 80 and 443.

In addition to starting Gitea on your configured port, to request HTTPS certificates, Gitea will also need to listen on port 80, and will set up an autoredirect to HTTPS for you. Let’s Encrypt will need to be able to access Gitea via the Internet to verify your ownership of the domain.

Thanks for the response. I’m missing something big. How do I initiate this “native support” if not using a client?

The doc says you have to add the appropriate settings in your app.ini config file.

[server]
PROTOCOL=https
DOMAIN=git.example.com
ENABLE_LETSENCRYPT=true
LETSENCRYPT_ACCEPTTOS=true
LETSENCRYPT_DIRECTORY=https
LETSENCRYPT_EMAIL=email@example.com

Most of these seem pretty straightforward. There is also a config cheat sheet doc that explains them in more detail.

I’ve never actually used Gitea. I’m just reading what the docs say.