Problems with Deploy to Local Server - Path Access Denied

Hi - I’m trying to run CTW on a Windows Server 2012r2 deploying to a local nginx installation and using LetsEncrypt. All is good in terms of creating and building the certificate but I can’t get deployment to work. I’ve tried using a specific nginx task and also a simple Export Certificate to folder. Both fail in the same way saying ‘Access to path c:\etc is denied’. I’ve tried running CTW as Administrator and running the Deploy task with specific credentials but it always fails. The server is also running IIS it has Poweshell, WAF5.1 and .Net 4.8 installed. I’ve also tried exporting to non-c: system drive folders but again all report ‘access denied’.

I guess I’m missing something obvious? Would welcome suggestions for chasing this problem down. Many thanks.

Same problem here, even tried to run the service as an local admin user,no good.

When you export you need to specify the full output path for each file including the file name, not just a folder. The access denied issue could be it’s trying to write a file called c:\etc which is already a folder.

By default the task runs as the local system (the user the background service is running as) so if you can’t write to your folder you need to check the folder permissions.

Thank you for your helpful response! :slight_smile: Yes, that did the trick. All now working fine.

1 Like

Great, we need to detect that and provide a more user friendly error message.

Not sure I am following here. Access denied error in a Windows environment.

Could you explain in a bit more detail.

Hi, I think you may be using a path like C:\Something\Something when actually the app is expecting a full file path C:\Something\Something\cert.pem (for example). For each cert component the app exports you need to specify a full file name, this is because different configurations will use different naming for the actual cert files so the app doesn’t guess.


Created a file called cert.pfx and it worked.

Strange behavior. but so be it.

Thanks for the clarification.