Trying to setup Let's Encrypt to AutoRenew SSL Cert in All-in-one box but have renewal issues #2288
-
If you don't have 80, 443 and don't want to do DNS then I'm afraid you're all out of easy options. You could do something like forwarding port 80 to another box at the network level and FTP the validation files there. But honestly DNS validation is the best practice here.
-
Wouter

```powershell
#PowerShell Script
$Path = "C:\Scripts\Temp"
#Test if download destination folder exists, create folder if required
#Begin download of WinAcme Agent
Expand-Archive -Path $Output -DestinationPath "C:\LetsEncrypt"
#Settings for Let's Encrypt
#This is to allow the RDS Roles to be registered with the new SSL Cert (Per Let's Encrypt Scripts Folder)
#This is to stop the same services for renewal. It is added manually to the Task Scheduler
#This is to start the same services for renewal. It is added manually to the Task Scheduler
$site = Read-Host "Specify domain/URL to be secured (ex. xxx.mydomainame.com):"
#Stop KPSSVC service as it will conflict with validation on port 443
```
-
@WouterTinus Did you get a chance to review this?
-
We are working on setting up the autorenewal on a single server (DC, DNS, Application, IIS, RDS) and the win-acme / Let's Encrypt installs and executes w/o an issue and even puts a scheduled task in Task Scheduler, but when it comes time to do the scheduled renewal, which we have set for every 31 days, it fails for TLS due to port 443 being open and utilized by RDGateway and IIS and KDC proxy on this all-in-one box. What is the best approach to go around this w/o opening up Port 80 or DNS? Is there a way to get around this blocked port?
#2 Another problem I see as well is that the scheduled task that is created is at a set defined time and I would like to change it if possible, or does that break the autorenew process, as I have seen sometimes it just does not execute even though it is created.
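For the port conflict described in this thread, a diagnostic that shows which processes and services hold the listeners on ports 80 and 443 before a renewal is attempted. This is an added example, not code from the thread or from win-acme; the function name `Get-PortOwner` is hypothetical.

```powershell
# Added example: report who owns the listeners on the ports ACME validation needs.
# Run in an elevated PowerShell session on the all-in-one server.
function Get-PortOwner {
    param([int[]]$Port = @(80, 443))

    # A port with no listener is a valid result, so suppress the "not found" error.
    $listeners = Get-NetTCPConnection -State Listen -LocalPort $Port -ErrorAction SilentlyContinue

    foreach ($l in $listeners) {
        $procId = $l.OwningProcess
        $proc   = Get-Process -Id $procId -ErrorAction SilentlyContinue

        # Map the owning process to the Windows services hosted in it (empty for PID 4).
        $services = Get-CimInstance Win32_Service -Filter "ProcessId = $procId" |
            Select-Object -ExpandProperty Name

        [pscustomobject]@{
            Port     = $l.LocalPort
            Address  = $l.LocalAddress
            OwnerPid = $procId
            Process  = $proc.ProcessName
            Services = ($services -join ', ')
            # PID 4 (System) means the kernel HTTP driver http.sys owns the socket
            # on behalf of one or more user-mode services.
            HttpSys  = ($procId -eq 4)
        }
    }
}

Get-PortOwner | Sort-Object Port, Address | Format-Table -AutoSize

# When HttpSys is True, the socket is shared: this lists the http.sys request
# queues, the process behind each one, and the URLs each has registered.
netsh http show servicestate view=requestq
```

If port 443 is reported under PID 4, stopping a single service does not free the port while any other service still has a URL registered on it, which is why a validation method that needs exclusive use of 443 fails on a box like this one.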