Type: Unauthorized error

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: fusenet.marekgroup.com

I ran this command: certbot certonly --webroot

It produced this output:

Saving debug log to C:\Certbot\log\letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Please enter in your domain name(s) (comma and/or space separated) (Enter 'c'
to cancel): fusenet.marekgroup.com
Requesting a certificate for fusenet.marekgroup.com
Performing the following challenges:
http-01 challenge for fusenet.marekgroup.com
Input the webroot for fusenet.marekgroup.com: (Enter 'c' to cancel): c:\inetpub
fusenet
Waiting for verification...
←[31mChallenge failed for domain fusenet.marekgroup.com←[0m
http-01 challenge for fusenet.marekgroup.com
Cleaning up challenges
←[31mSome challenges have failed.←[0m
←[1m
IMPORTANT NOTES:
←[0m - The following errors were reported by the server:

Domain: fusenet.marekgroup.com
Type: unauthorized
Detail: 216.176.3.167: Invalid response from
http://fusenet.marekgroup.com/.well-known/acme-challenge/54p9jxsT9hPh64a_-7Hg
qmMxkr5wMSFSKPgC7ilwioE:
404

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.

My web server is (include version): iis

The operating system my web server runs on is (include version): Server 2008 R2 (Yes, I know it's EOL, Yes I know it has problems, Yes, I would have upgraded years ago if I could have, Yes, we are going to retire it ASAP. If you are just going to say upgrade your stupid server moron, please, I beg you from the bottom of my heart, just don't... that's completely unhelpful right now. Thank you)

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.15 (it's the only one that actually worked, if I install later versions, I can't run any certbot commands, it can't find them)

I am just trying to get this server to limp through until we can replace it. I don't want to spend any extra $$$ if we don't have to, hence, here I am with Let's Encrypt. I can see it put a file in the acme-challenge folder, but then it just disappears and I get the 'Invalid Response' error. The DNS seems to be all resolving ok from what I can tell. The site works fine. But I do feel I must be missing something obvious here. Any help (besides "Upgrade Your server, moron") is greatly appreciated.

Is that the correct webroot?
Maybe it needs to be enclosed within quotes...?
"c:\inetpub\fusenet"
Let's test that by placing a test text file in that location and then accessing it via the Internet.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.