Renewing with FileSystem, web.config is deleted after first validation #2343

Closed
bluecompassinteractive opened this issue Mar 23, 2023 · 2 comments
@bluecompassinteractive

When renewing certificates with FileSystem with multiple domains, the web.config file is deleted after the first domain validates, then the validation fails on subsequent domains because the web.config is not recreated.

With version 2.1.20.1185, when renewing with multiple domains, the web.config file remains in the .well-known/acme-challenge folder (or is recreated). With 2.2.2.1.1449 the web.config is removed after the first domain is validated, then the next validation fails. When watching the .well-known/acme-challenge folder I see the web.config and the validation file for the first domain, then both files get removed and the new validation file is in the folder (no web.config). With 2.1.20.1185 the web.config file stays in the .well-known/acme-challenge folder.

I can work around it by running the renewal multiple times or reverting to version 2.1.20.1185.

Console output:
Welcome to the renewal manager. Actions selected in the menu below will be
applied to the following list of renewals. You may filter the list to target
your action at a more specific set of renewals, or sort it to make it easier
to find what you're looking for.

1: [IIS] ag-iowa.com, (any host) - renewed 2 times, due now

E: Edit renewal
X: Reset sorting and filtering
D: Show details for 1 of 24 renewals
L: Show command line for 1 of 24 renewals
R: Run 1 of 24 renewals
S: Run 1 of 24 renewals (force)
T: Run 1 of 24 renewals (force, no cache)
U: Analyze duplicates for 1 of 24 renewals
C: Cancel 1 of 24 renewals
V: Revoke certificate(s) for 1 of 24 renewals
Q: Back

Choose an action or type numbers to select renewals: r

Plugin IIS generated source ac-iowa.com with 12 identifiers
Plugin Single created 1 order
Renewing [IIS] ag-iowa.com, (any host)
Cached order has status invalid, discarding
[ac-iowa.com] Cached authorization result: valid
[ag-iowa.com] Cached authorization result: valid
[ai-iowa.com] Cached authorization result: valid
[at-iowa.com] Authorizing...
[at-iowa.com] Authorizing using http-01 validation (FileSystem)
Answer should now be browsable at http://at-iowa.com/.well-known/acme-challenge/3Z09tNzhgp1R_1yc5t8p3ou6jTsMEZ9tVCeKiUwFiEY
Preliminary validation looks good, but the ACME server will be more thorough
[at-iowa.com] Authorization result: valid
[cc-iowa.com] Authorizing...
[cc-iowa.com] Authorizing using http-01 validation (FileSystem)
Answer should now be browsable at http://cc-iowa.com/.well-known/acme-challenge/Ha2j2ffX7KiVraefN3Hr7ah6tBt_Wycetjm54pTQ2mU
Preliminary validation failed, the server answered '(null)' instead of 'Ha2j2ffX7KiVraefN3Hr7ah6tBt_Wycetjm54pTQ2mU.URdXujNecT9PWZNfXXbqVisYvGCBqDQFZESEUJFG_Jg'. The ACME server might have a different perspective
[cc-iowa.com] Authorization result: invalid
[cc-iowa.com] {"type":"urn:ietf:params:acme:error:unauthorized","detail":"34.202.219.96: Invalid response from http://cc-iowa.com/.well-known/acme-challenge/Ha2j2ffX7KiVraefN3Hr7ah6tBt_Wycetjm54pTQ2mU: 404","status":403,"instance":null}
File E:\DFS10\ag-iowa.well-known\acme-challenge\3Z09tNzhgp1R_1yc5t8p3ou6jTsMEZ9tVCeKiUwFiEY already deleted
File E:\DFS10\ag-iowa.well-known\acme-challenge\web.config already deleted
[cc-iowa.com] Deactivating pending authorization
[gt-iowa.com] Deactivating pending authorization
[www.ac-iowa.com] Deactivating pending authorization
[www.ag-iowa.com] Deactivating pending authorization
[www.ai-iowa.com] Deactivating pending authorization
[www.at-iowa.com] Deactivating pending authorization
[www.cc-iowa.com] Deactivating pending authorization
[www.gt-iowa.com] Deactivating pending authorization
Renewal for [IIS] ag-iowa.com, (any host) failed, will retry on next run
Validation failed
No certificate generated

@WouterTinus
Member

Thanks, this turned out to be a pretty subtle bug, but it's one that could potentially affect other plugins as well.

The fix is in build 1462; if you want to test it, you may download it from https://ci.appveyor.com/project/WouterTinus/win-acme-s8t9q/builds/46593267/artifacts

@bluecompassinteractive
Author

That did it! Thank you!
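
A small model of the failure reported in this thread, added here as an illustration; it is not win-acme's code and not the fix shipped in build 1462. It assumes the symptom comes from a shared helper file (`web.config`) being written once per run but removed by each challenge's cleanup, and contrasts that with a variant that rewrites the file for every challenge and removes it only when no challenge file is still live. The class names, tokens and placeholder file contents are constructed.

```python
import tempfile
from pathlib import Path

class NaiveChallengeDir:
    """Models the report: web.config written once, deleted by every cleanup."""
    def __init__(self, root):
        self.dir = Path(root) / ".well-known" / "acme-challenge"
        self.dir.mkdir(parents=True, exist_ok=True)
        self.config_written = False

    def prepare(self, token, key_auth):
        if not self.config_written:  # only the first challenge gets the helper file
            (self.dir / "web.config").write_text("<configuration/>")  # placeholder content
            self.config_written = True
        (self.dir / token).write_text(key_auth)

    def cleanup(self, token):
        (self.dir / token).unlink(missing_ok=True)
        (self.dir / "web.config").unlink(missing_ok=True)  # shared file removed too early

class RefCountedChallengeDir(NaiveChallengeDir):
    """Keeps web.config present for as long as any challenge file is live."""
    def __init__(self, root):
        super().__init__(root)
        self.live = set()

    def prepare(self, token, key_auth):
        (self.dir / "web.config").write_text("<configuration/>")  # idempotent rewrite
        (self.dir / token).write_text(key_auth)
        self.live.add(token)

    def cleanup(self, token):
        (self.dir / token).unlink(missing_ok=True)
        self.live.discard(token)
        if not self.live:  # last challenge gone: now the helper file can go
            (self.dir / "web.config").unlink(missing_ok=True)

def run_validations(cls, tokens):
    """Validate tokens one after another; report web.config presence per token."""
    with tempfile.TemporaryDirectory() as root:
        d = cls(root)
        seen = []
        for t in tokens:
            d.prepare(t, t + ".thumbprint")  # constructed key authorization
            seen.append((d.dir / "web.config").exists())
            d.cleanup(t)
        return seen, sorted(p.name for p in d.dir.iterdir())
```

With three constructed tokens the naive variant has `web.config` present only for the first one, matching the folder contents observed in the report, while the reference-counted variant has it present for all three and still leaves the folder empty afterwards.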
