Hi,
I have no previous knowledge about SSL/HTTPS - I’m just trying to put HTTPS in my local server due some clients requests (and to remove the infamous “Not Safe” message). I tryied Windows ACME Simple (WACS) as it looked like a simple way for a newbie to do that.
The installation was ok, I just followed the steps in WACS app, created the required bind at IIS, the certificate was created and included in IIS.
But when testing it was refused by Chrome and Firefox (as a potential risk). Chrome message is “NET::ERR_CERT_AUTHORITY_INVALID”.
In Firefox I could see the certificate, and for my surprise it was issued for “s02arquivo.softether.net” and not for the expected domain “s02.arquivo.net”.
Softether is a free software that is installed on the server to allow some people to access our LAN via VPN, used because they are at home-office due coronavirus. But it should have NO relation with my IIS and I think it should not affect the process, but it did…
I did a second attempt turning SoftEther offline, revoked the first certificate (within WACS app), and tryed again. But the bind was nor found anymore (probably because it was previously used), so I used manual option and could recreate it (maybe I have two certificates now, the first one is still there, but with an “error” condition attached). So I deleted previous bind, remade it assigning the “manual” entry from second attempt, but it didn’t work, both browsers (after CTRL-F5 reload) keep providing the same information and the same “s02arquivo.softether.net” reference.
Why did the VPN SoftEther software affect the process and was used as part of the certificate?
How to prevent this problem? Should totally UNINSTALL SoftEther?
How to remove the certificate and competely clean it to retry a clean new attempt (no previous bindings, no previous certificates to cause confusion)?
Can I include correct organization data in this automated certification process?
After successful in this process I’m trying to do for s02.arquivo.net, I’ll need also to do the same for other servers, like s01.arquivo.net, s03.arquivo.net, etc. Any tip?
Thanks for any help!
Marcelo.
My domain is: s02.arquivo.net
My web server is (include version): IIS 10
The operating system my web server runs on is (include version): Win2016 Server Std
My hosting provider, if applicable, is: self server
I can login to a root shell on my machine (yes or no, or I don’t know): No
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No. Just use the default IIS administration tool, locally.
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot): Windows ACME Simple