Win-acme http-01 (ftp) validation fail

Good day!

I cannot renew the certificate for my host via HTTP-01 (FTP) validation: the token file uploads successfully, but the response is empty.

Log-file attached.

Please help me.

log-20250821.txt (34.4 KB)

It looks like your win-acme is not working with your ftp server properly. I am not an expert at win-acme so perhaps others here may offer more help. Or, post this at the win-acme GitHub.

I will say this part of the log is important. It shows that win-acme cannot get the data right after uploading it. Even though that fails it tries asking Let's Encrypt for a cert anyway and LE fails with exactly the same problem.

You need to review how win-acme and your ftp server communicate. Note especially the "unable to build data connection" message and then the GET that failed with an "Empty response".

2025-08-21 11:49:56.086 +03:00 [INF] FTP: Status:   FTPS authentication successful, lib = .NET SslStream, cipher suite = Tls12 (Aes256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, 44550, 255) [33ms]
2025-08-21 11:49:56.092 +03:00 [VRB] FTP: Status:   Uploaded 87 bytes
2025-08-21 11:49:56.096 +03:00 [VRB] FTP: Status:   Disposing(async) FtpSocketStream(data connection of AsyncFtpClient)
2025-08-21 11:49:56.105 +03:00 [VRB] FTP: Status:   Waiting for response to: STOR /.well-known/acme-challenge/tV4IHw6DUnjWLhoiHorKeqWvstjnzF2G5p_AcGOwc1Y
2025-08-21 11:49:56.122 +03:00 [INF] FTP: Response: 425 Unable to build data connection: Operation not permitted [109ms]
2025-08-21 11:49:56.127 +03:00 [WRN] Upload ftp://ftp.h406543403.nichost.ru/.well-known/acme-challenge/tV4IHw6DUnjWLhoiHorKeqWvstjnzF2G5p_AcGOwc1Y status "Failed"
2025-08-21 11:49:56.135 +03:00 [INF] Answer should now be browsable at http://itinn.ru/.well-known/acme-challenge/tV4IHw6DUnjWLhoiHorKeqWvstjnzF2G5p_AcGOwc1Y
2025-08-21 11:49:56.140 +03:00 [DBG] [HTTP] Send GET to "http://itinn.ru/.well-known/acme-challenge/tV4IHw6DUnjWLhoiHorKeqWvstjnzF2G5p_AcGOwc1Y"
2025-08-21 11:49:56.210 +03:00 [VRB] [HTTP] Request completed with status "OK"
2025-08-21 11:49:56.213 +03:00 [VRB] [HTTP] Empty response
2025-08-21 11:49:56.218 +03:00 [WRN] Preliminary validation failed, the server answered '(null)' instead of 'tV4IHw6DUnjWLhoiHorKeqWvstjnzF2G5p_AcGOwc1Y.XaKAGiZxPeGZ-UJMtBgNJ94Yv3ybexzvYQ7h_yT234Q'. The ACME server might have a different perspective
3 Likes
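The correlation described in the reply above, as an added example that is not part of the original thread or of win-acme: a small Python parser that ties the FTP reply to the preceding STOR command and to the preliminary HTTP check, per challenge token. The regular expressions assume the log line layout shown in the excerpt; `diagnose` and its field names are hypothetical.

```python
import re

# Log excerpt copied from the post above (win-acme verbose output).
SAMPLE_LOG = """\
2025-08-21 11:49:56.092 +03:00 [VRB] FTP: Status:   Uploaded 87 bytes
2025-08-21 11:49:56.105 +03:00 [VRB] FTP: Status:   Waiting for response to: STOR /.well-known/acme-challenge/tV4IHw6DUnjWLhoiHorKeqWvstjnzF2G5p_AcGOwc1Y
2025-08-21 11:49:56.122 +03:00 [INF] FTP: Response: 425 Unable to build data connection: Operation not permitted [109ms]
2025-08-21 11:49:56.127 +03:00 [WRN] Upload ftp://ftp.h406543403.nichost.ru/.well-known/acme-challenge/tV4IHw6DUnjWLhoiHorKeqWvstjnzF2G5p_AcGOwc1Y status "Failed"
2025-08-21 11:49:56.213 +03:00 [VRB] [HTTP] Empty response
2025-08-21 11:49:56.218 +03:00 [WRN] Preliminary validation failed, the server answered '(null)' instead of 'tV4IHw6DUnjWLhoiHorKeqWvstjnzF2G5p_AcGOwc1Y.XaKAGiZxPeGZ-UJMtBgNJ94Yv3ybexzvYQ7h_yT234Q'. The ACME server might have a different perspective
"""

LINE = re.compile(r"^(\S+ \S+ \S+) \[(\w{3})\] (.*)$")   # timestamp, level, message
STOR = re.compile(r"Waiting for response to: STOR (\S+)")
FTP_REPLY = re.compile(r"FTP: Response: (\d{3}) (.*?)(?: \[\d+ms\])?$")
UPLOAD = re.compile(r'Upload (\S+) status "(\w+)"')
PRELIM = re.compile(r"server answered '(.*?)' instead of '(.*?)'")

def diagnose(log_text):
    """Correlate FTP STOR replies with the HTTP self-check, per challenge token."""
    findings, pending = {}, None
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        msg = m.group(3)
        if s := STOR.search(msg):
            pending = s.group(1).rsplit("/", 1)[-1]      # token = last path segment
            findings.setdefault(pending, {})
        elif (r := FTP_REPLY.search(msg)) and pending:
            # A 4xx/5xx reply to STOR means the transfer was not completed.
            if r.group(1)[0] in "45":
                findings[pending]["ftp_error"] = f"{r.group(1)} {r.group(2)}"
            pending = None
        elif u := UPLOAD.search(msg):
            token = u.group(1).rsplit("/", 1)[-1]
            findings.setdefault(token, {})["upload_status"] = u.group(2)
        elif p := PRELIM.search(msg):
            token = p.group(2).split(".", 1)[0]          # expected value is token.thumbprint
            findings.setdefault(token, {})["served"] = p.group(1)
    for f in findings.values():
        f["root_cause"] = ("ftp_upload" if "ftp_error" in f or f.get("upload_status") == "Failed"
                           else "web_server" if "served" in f else "none")
    return findings

if __name__ == "__main__":
    print(diagnose(SAMPLE_LOG))
```

A `root_cause` of `ftp_upload` points at the FTP data connection rather than the web server, which matches the reading of the log given above.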

This looks like you’re running the ACME client on a different computer than your web server. While that’s not inherently a problem as long as the whole process is automated (and there are sometimes good reasons to do so), often it’s easier to have it run on the web server itself. Maybe you can explain a bit more about why you’re doing things the way you are? What access do you have to the web server (are you administrating it directly, or do you only have access through some kind of “control panel”)?

5 Likes

Hello, thanks for the reply!

Do you know how I can connect win-acme only via FTP, not FTPS?

No, I don't. You got a certificate before so review what changed.

As Peter mentioned, usually it is easier to run an ACME Client on the server that uses the certificate.

If you plan to stay with your Windows client / ftp you should look at https://simple-acme.com

The principal maintainer of win-acme no longer works on that project and instead offers simple-acme. I don't know that it would fix your ftp issue but at least you'd be using a package that is actively supported.

5 Likes
