Renewal fails, test passes

Hello, I have the same issue, I can open a testfile remote:

  • /.well-known/acme-challenge/test.txt
    but not the files that were already there:
  • /.well-known/acme-challenge/configcheck
  • /.well-known/acme-challenge/web.config

When renewing the certificate the log still shows “Previous renewals failed: 103. Renewal will be attempted within 48hrs.”

Hi, I’ve moved this to a new topic because the thread you replied to was from 2 years ago.

Please check your log file to see why your renewal is failing.

Ensure that your domain passes the checks from

Are you running any software other than IIS (such as Apache or nginx?).

The logfile says:
Validation of the required challenges did not complete successfully. Fetching http:///.well-known/acme-challenge/ABz4jt8c4Xi1cPYTZqmnaZgj9_iryAFRfjfTjLIo8II: Timeout during connect (likely firewall problem)

The domain passes the test (
This is IIS on Windows 2016.

Hi, if you need to discuss this more please contact support at with details of the domain to check and a copy of your log.

By default certify uses it’s own http listener (using http.sys) on port 80 temporarily during http validation, bypassing IIS. The main reason this would fail would be if the http challenge server can’t launch (because something other than IIS is using port 80) or it has been disabled. Other reasons can include selective IP blocking which is generally unsuitable for use with Let’s Encrypt http validation.

DNS validation is the recommended alternative if http validation is likely to be problematic for you.