Failed to Communicate with Certificate Authority


I’m trying to generate my first cert of a simple IIS server, and I’m getting this error: “Failed to communicate with the Certificate Authority. Check their status page for service announcements and ensure your system can make outgoing https requests.”

System specifics: Windows Server 2016, behind a proxy (as a government department we cannot get a direct connection), can reach the web, can reach, CTW service running ok, Lets Encrypt services OK, attempted with both firewall enabled and disabled, no change.

I’ve also tried on a number of other servers and workstations, issue persists.

Does anyone have any ideas?

Thanks in advance,

Hi, proxies are not supported by Certify The Web. You can make it work but various functionality may be affected. Installation & Upgrades | Certify The Web Docs

You may be able to follow guidance online to enable .net to use a proxy by default (our app is using .net 4.6.2 or higher) e.g. Configure .NET framework to use a web proxy - it’s also possible to configure app specific settings in the .config for the certify service but this will be reset after every update.

The reason we don’t support proxies is there is very low demand, the core process could be updated to support them but additional things like deployment task and DNS providers would all have special cases to consider.

1 Like

Note that if you can provide a transparent proxy at the OS level (so all http/https traffic goes via the proxy with no requirement to configure apps) then it should work, but again the variables are such that we can’t directly provide support for that.

Thanks for the input. It didn’t work for us. As an education site we just have too many proxies and firewalls between us and the outside world.

Thanks anyway.

Thanks, totally understand the need for proxies in your environment. Most of our users are serving public sites so their servers are not on their internal networks, which I think is why we have low demand for proxies.