One domain not verifying

I have 3 domains bound to a single IIS site, and two of the domains work fine with certifytheweb.
The third one uses a CNAME record to verify a subdomain. I have not been able to verify this domain to date. The error in the logs is:

2020-11-28 11:19:08.174 -06:00 [INF] Validation of the required challenges did not complete successfully. Invalid response from http://XXXXX.YYYYYYYY.com/.well-known/acme-challenge/LONGREDACTEDHASHCODEHERE [xx.yy.zz.aa]: 404

I don’t see the hash named file being created on the path on the server.

I’m running on a Windows 2012 R2 server instance on Amazon EC2.

I prefer not to post the actual domain here if possible but trying to figure out what’s going on with this specific one. I run certify on a number of servers with similar or identical setups (minus the domain being different) and this is the only domain that gives me problems…

Thanks

Hi Brady,

It’s hard to help without a domain, but you could try letsdebug.net to check some basics, just for the subdomain. For HTTP validation to work your CNAME has to redirect to the server running Certify, and that also means that both the IPv4 and IPv6 versions of any DNS records need to point to the same server.

By default Certify runs its own HTTP challenge server, so the response file is not normally created in the filesystem unless that part of the process has failed and we’ve reverted to filesystem validation (via IIS).
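
The IPv4/IPv6 point in the reply above can be checked from any machine. The following is an added example, not part of the original posts and not Certify's own code; the function names and the sample addresses (documentation ranges) are constructed, and the server's public IPs are supplied by you on the command line.

```python
import ipaddress
import socket
import sys


def resolve_addresses(hostname):
    """All A/AAAA addresses the system resolver returns (CNAMEs are followed)."""
    try:
        infos = socket.getaddrinfo(hostname, 80, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return set()
    # info[4][0] is the address string; strip any IPv6 zone id ("%eth0").
    return {ipaddress.ip_address(info[4][0].split("%")[0]) for info in infos}


def stray_addresses(resolved, expected):
    """Addresses in `resolved` that are not one of the server's `expected` IPs,
    grouped by family. Any entry here can receive the validation request and
    answer 404 because it is not the machine holding the challenge response."""
    expected = {ipaddress.ip_address(str(a)) for a in expected}
    stray = {"IPv4": [], "IPv6": []}
    for addr in sorted({ipaddress.ip_address(str(a)) for a in resolved},
                       key=lambda a: (a.version, int(a))):
        if addr not in expected:
            stray["IPv%d" % addr.version].append(str(addr))
    return stray


# Constructed sample: the CNAME target has the right A record but a stale
# AAAA record left over from another host.
SAMPLE_RESOLVED = ["203.0.113.10", "2001:db8::dead"]
SAMPLE_EXPECTED = ["203.0.113.10", "2001:db8::10"]

if __name__ == "__main__":
    # usage: python check_dns.py <hostname> <server-ip> [<server-ip> ...]
    if len(sys.argv) >= 3:
        resolved, expected = resolve_addresses(sys.argv[1]), sys.argv[2:]
    else:
        resolved, expected = SAMPLE_RESOLVED, SAMPLE_EXPECTED
    if not resolved:
        print("hostname does not resolve")
    for family, addrs in stray_addresses(resolved, expected).items():
        print(family, "stray:", addrs or "none")
```

A non-empty IPv6 list with a clean IPv4 list is the case the reply describes: the name looks correct when checked over IPv4 while the validation request lands on a different host over IPv6.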