I’m running a site on Windows Server 2019, IIS 10, and have been successfully using a different LetsEncrypt client until recently it wouldn’t renew anymore. I spent all day troublshooting without luck, including downloading and attempting to use CertifyTheWeb (which I find much more pleasant than the command line alternative I used before). I get the same error using both clients.
Anyway, I’m not sure what information I need to provide here other than the the error log. Oh, although I didn’t have to do any of this before, I have verified that “.well-known/acme-challenge/configcheck” was created on my site and after manually creating a web.config it’s also accessible on the public web. Running Let's Debug also verifies the error (“Connection reset by peer”). Before going crazy, can anyone help? Here’s the log file:
2022-03-28 20:37:16.593 +02:00 [INF] All Tests Completed OK
2022-03-28 20:37:42.543 +02:00 [INF] [Preview Mode] Completed certificate request and automated bindings update (IIS)
2022-03-28 20:38:45.983 +02:00 [INF] ---- Beginning Request [linkdev.langlo.no] ----
2022-03-28 20:38:45.995 +02:00 [INF] Certify/5.6.7.0 (Windows; Microsoft Windows NT 10.0.17763.0)
2022-03-28 20:38:46.002 +02:00 [INF] Beginning Certificate Request Process: linkdev.langlo.no using ACME Provider:Certes
2022-03-28 20:38:46.003 +02:00 [INF] Requested identifiers to include on certificate: linkdev.langlo.no
2022-03-28 20:38:46.004 +02:00 [INF] Beginning certificate order for requested domains
2022-03-28 20:38:46.026 +02:00 [INF] BeginCertificateOrder: creating/retrieving order. Retries remaining:2
2022-03-28 20:38:47.133 +02:00 [INF] Created ACME Order: https://acme-v02.api.letsencrypt.org/acme/order/472550320/75352548880
2022-03-28 20:38:47.438 +02:00 [INF] Fetching Authorizations.
2022-03-28 20:38:48.361 +02:00 [INF] Got http-01 challenge https://acme-v02.api.letsencrypt.org/acme/chall-v3/92399747070/ymmrsg
2022-03-28 20:38:48.660 +02:00 [INF] Got dns-01 challenge https://acme-v02.api.letsencrypt.org/acme/chall-v3/92399747070/XYTNFQ
2022-03-28 20:38:49.701 +02:00 [INF] Http Challenge Server process available.
2022-03-28 20:38:49.702 +02:00 [INF] Attempting Domain Validation: linkdev.langlo.no
2022-03-28 20:38:49.702 +02:00 [INF] Registering and Validating linkdev.langlo.no
2022-03-28 20:38:49.702 +02:00 [INF] Preparing automated challenge responses (linkdev.langlo.no)
2022-03-28 20:38:49.705 +02:00 [INF] Preparing challenge response for the issuing Certificate Authority to check at: http://linkdev.langlo.no/.well-known/acme-challenge/ZN-QdPg78DCf9J7wKDamm-aeQJNhU2HrfPXe9KslFK0 with content ZN-QdPg78DCf9J7wKDamm-aeQJNhU2HrfPXe9KslFK0.6hDWJlHlkX8zKc5iUwM-ATSDghhtCo8D86FFHAk2Qes
2022-03-28 20:38:49.705 +02:00 [INF] If the challenge response file is not accessible at this exact URL the validation will fail and a certificate will not be issued.
2022-03-28 20:38:49.720 +02:00 [INF] Using website path D:\WebSites\linkdev.langlo.no
2022-03-28 20:38:49.721 +02:00 [INF] Checking URL is accessible: http://linkdev.langlo.no/.well-known/acme-challenge/ZN-QdPg78DCf9J7wKDamm-aeQJNhU2HrfPXe9KslFK0 [proxyAPI: True, timeout: 5000ms]
2022-03-28 20:38:49.823 +02:00 [WRN] Problem checking URL is accessible : http://linkdev.langlo.no/.well-known/acme-challenge/ZN-QdPg78DCf9J7wKDamm-aeQJNhU2HrfPXe9KslFK0 The remote server returned an error: (404) Not Found.
2022-03-28 20:38:49.823 +02:00 [INF] Checking URL is accessible: http://linkdev.langlo.no/.well-known/acme-challenge/ZN-QdPg78DCf9J7wKDamm-aeQJNhU2HrfPXe9KslFK0 [proxyAPI: False, timeout: 5000ms]
2022-03-28 20:38:49.948 +02:00 [INF] (local check) URL is accessible. Check passed. HTTP OK
2022-03-28 20:38:49.948 +02:00 [INF] Requesting Validation: linkdev.langlo.no
2022-03-28 20:38:49.971 +02:00 [INF] Attempting Challenge Response Validation for Domain: linkdev.langlo.no
2022-03-28 20:38:49.971 +02:00 [INF] Registering and Validating linkdev.langlo.no
2022-03-28 20:38:49.971 +02:00 [INF] Checking automated challenge response for Domain: linkdev.langlo.no
2022-03-28 20:38:51.180 +02:00 [INF] Domain validation failed: linkdev.langlo.no
Fetching http://linkdev.langlo.no/.well-known/acme-challenge/ZN-QdPg78DCf9J7wKDamm-aeQJNhU2HrfPXe9KslFK0: Connection reset by peer BadRequest urn:ietf:params:acme:error:connection
2022-03-28 20:38:51.888 +02:00 [INF] Validation of the required challenges did not complete successfully. Domain validation failed: linkdev.langlo.no
Fetching http://linkdev.langlo.no/.well-known/acme-challenge/ZN-QdPg78DCf9J7wKDamm-aeQJNhU2HrfPXe9KslFK0: Connection reset by peer BadRequest urn:ietf:params:acme:error:connection
2022-03-28 20:38:51.888 +02:00 [INF] Validation of the required challenges did not complete successfully. Domain validation failed: linkdev.langlo.no
Fetching http://linkdev.langlo.no/.well-known/acme-challenge/ZN-QdPg78DCf9J7wKDamm-aeQJNhU2HrfPXe9KslFK0: Connection reset by peer BadRequest urn:ietf:params:acme:error:connection
2022-03-28 20:38:51.889 +02:00 [INF] Validation of the required challenges did not complete successfully. Domain validation failed: linkdev.langlo.no
Fetching http://linkdev.langlo.no/.well-known/acme-challenge/ZN-QdPg78DCf9J7wKDamm-aeQJNhU2HrfPXe9KslFK0: Connection reset by peer BadRequest urn:ietf:params:acme:error:connection
2022-03-28 21:08:54.595 +02:00 [INF] [Preview Mode] Completed certificate request and automated bindings update (IIS)
2022-03-28 21:09:14.522 +02:00 [INF] All Tests Completed OK
Many Thanks,
Tor