Hi, I’m trying to request a new cert. I am doing the http-01 validation and when I run the test, it works. I get: (domain.com and www.domain.com are not the actual entries, masked)
Application Pool: Configuration Override Enabled
Http Challenge Server process available.
The app is managing to talk to the server it’s hosted on, but when the CA requests the same thing externally they are blocked by your firewall.
Currently the app “Test” mode accepts locally resolved http requests as valid but really it shouldn’t, because they are only half the story. We only keep it that way for legacy reasons.
HTTP domain validation means the CA (Let’s Encrypt) will check for a particular result from your server at http://<yourdomain>/.well-known/acme-challenge/<token>. If you block incoming HTTP, TCP port 80, either for all users or for specific countries etc., then you block the CA from validating your domain.

HTTP Validation (http-01) | Certify The Web Docs