Win-acme error processing certificate renewal

Help
1

My domain is:gitback.com

I ran this command:C:\WinAcme\wacs.exe --renew --baseuri “https://acme-v02.api.letsencrypt.org/

It produced this output: Renewal for Gitback failed with error Authorization failed , will retry on next run.

Hosts: *.gitback.com, gitback.com

Plugins
Target: Manual
Validation: Manual
CSR: EC
Store: CertificateStore
Installation: IIS

Sent by win-acme version 2.0.9.386

My web server is (include version):IIS 7.5

The operating system my web server runs on is (include version):Windows Server 2008 R2

My hosting provider, if applicable, is:Self

I can login to a root shell on my machine (yes or no, or I don’t know):Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):win-acme version 2.0.9.386

I’ve got this as a scheduled task. Initial run from the command line worked fine. But it won’t renew. This URL works, but will redirect to https:
http://www.gitback.com/.well-known/acme-challenge/WhoiZePDpo63pAyTArkUI-4GgxDAAY6Y4kpRRMsAdrM
In EventViewer, I get error 47060 Renewal for “Gitback” failed, will retry on next run, error 57488 Error authorizing “PKISharp.WACS.DomainObjects.TargetPart”, error 63436 (null): “User input ‘Please press enter after you’ve deleted the record’ should not be needed in --renew mode.”, and error 64726 Error preparing for challenge answer
System.Exception: User input ‘Please press enter after you’ve created and verified the record’ should not be needed in --renew mode.
at PKISharp.WACS.Services.InputService.Validate(String what)
at PKISharp.WACS.Services.InputService.Wait(String message)
at PKISharp.WACS.Plugins.ValidationPlugins.Dns.Manual.CreateRecord(String recordName, String token)
at PKISharp.WACS.Plugins.ValidationPlugins.DnsValidation2.PrepareChallenge() at PKISharp.WACS.Plugins.ValidationPlugins.Validation2.PrepareChallenge(IChallengeValidationDetails challenge)
at PKISharp.WACS.Wacs.Authorize(ILifetimeScope execute, RunLevel runLevel, OrderDetails order, ValidationPluginOptions options, TargetPart targetPart, Authorization authorization)

2

Hi @chargerback-ron

you use a wildcard certificate. So dns-01 validation is required, not http-01 validation (with a file in /.well-known/acme-challenge).

Does that client support the GoDaddy-DNS-API?

|gitback.com|• ns35.domaincontrol.com / p11|97.74.107.18
Scottsdale/Arizona/United States (US) - GoDaddy.com, LLC|

Your name server is from GoDaddy.

The error looks like the tool wants an input.

3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.