Clear handlers and readd StaticFile handler

[benaadams]

Extensionless can clash with other things like asp.net etc; but only static files is needed

<?xml version = "1.0" encoding="UTF-8"?>
 <configuration>
     <system.webServer>
        <staticContent>
            <mimeMap fileExtension="." mimeType="text/plain" />
        </staticContent>
        <handlers>
            <clear />
            <add name="StaticFile" path="*" verb="*" type="" modules="StaticFileModule,DefaultDocumentModule,DirectoryListingModule" scriptProcessor="" resourceType="Either" requireAccess="Read" allowPathInfo="false" preCondition="" responseBufferLimit="4194304" />
        </handlers>
     </system.webServer>
 </configuration>

[webprofusion-chrisc]

Thanks, the auto applied extensionless config is only under the .well-known folder - are you seeing a scenario where the more verbose config is required?

[benaadams]

Its in the acme-challenge folder; the issue is the asp.net mvc handler or some other handler intervenes as its earlier in the pipeline and prevents the files from being served.

As the web.config in acme-challenge is overridden when trying to get a new certificate; the solution I'm working with is to add a web.config with the clear and add up a folder in the .well-known folder so it doesn't get overwritten.

<?xml version = "1.0" encoding="UTF-8"?>
 <configuration>
     <system.webServer>
        <handlers>
            <clear />
            <add name="StaticFile" path="*" verb="*" type="" modules="StaticFileModule,DefaultDocumentModule,DirectoryListingModule" scriptProcessor="" resourceType="Either" requireAccess="Read" allowPathInfo="false" preCondition="" responseBufferLimit="4194304" />
        </handlers>
     </system.webServer>
 </configuration>

However its an extra manual step and would be better if it was included in the emitted web.config as suggested in the previous example.

[webprofusion-chrisc]

I see, I've used this on mvc sites as well as .aspx and it seemed to work ok but it could be a non-default handler involved. The config will also vary for .net core 1.0 vs .net 4.6 (different setup for handlers). Ok, It's on the todo list.

[benaadams]

Hmm, it might be URLRewrite as I'm doing ARR forwarding on the same site to it may be that handler that's getting in the way? It gets the file but refuses to serve it as a security protection.

[benaadams]

Similar issue and solution found win-acme/win-acme#37

[webprofusion-chrisc]

The syntax also varies slightly between iis versions (7 vs 7.5/8) so we currently automatically try one, then another. Note that if you copy in your own web.config we won't overwrite it later.

[benaadams]

All of them (for every site) currently get overwritten each time I try to use Certify to do a new site?

[webprofusion-chrisc]

Each site gets its own .well-known folder and sub folders, unless they are multiple sites/bindings pointing to the same site files. If the extensionless file check fails (the app tries to load an extensionless test file over http) then it will try its own web.config

[TonyValenti]

I just create #21 which fixes this problem. I was dealing with it too.

[webprofusion-chrisc]

Closing. Most recent release (0.9.91) has these fixes included.