My sites are all working currently but set to expire in a month or so. If I request a new certificate the request fails, but in addition to this if I try to use the most recent certificate the site I add it to is failing ERR_SSL_PROTOCOL_ERROR. I know the problem is with the certificate as I get this error in the browser if I apply it; then if I go back to the older one (the one currently installed) it works again.
The error I am getting for the sites I try to renew is:
Invalid response from https://www.[website]/.well-known/acme-challenge/XAkd29QFHVpy0pqMARmO535OJa-DRm5PKzOzemwjTKY [IP]: "\r\n\r\n\t\r\n \r\n \r\n \r\n \r\n \r\n\r\n\r\n\t\r\n\t\r\n\t\r\n\t\r\n\r\n\r\n\r\n\r\n\t\r\n\r\n\t\r\n \r\n\t\r\n\r\n \r\n \r\n \r\n\r\n \r\n \r\n \r\n\t\r\n \r\n " Forbidden urn:ietf:params:acme:error:unauthorized
I am using Load Balancer in Windows Server 2012 so I can’t use the built in challenge/response server.
I also have Certify running on a newer server (Server 2016) and it works fine from there (just entering the domains manually and the path to the web site as a network path). So I can renew a certificate but then I need to do a few things manually and that’s a bit of a pain.
So something is wrong with Windows 2012 - could I have the wrong root certificates? Or maybe my permissions are screwed up trying to write the file?
Thanks for any help.