-
-
Notifications
You must be signed in to change notification settings - Fork 797
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Create certificate failed in SBS2012 (all authorization result: valid) #741
Comments
Looking at the source code and your log, this seems to fail during the conversion of the private key to the Microsoft RSA SChannel Cryptographic Provider, which may not be installed or disabled on your system. We might be able to diagnose that with more certainty if you post a log with I haven't encountered this problem before, but I'll make sure to add better error handling and a fallback to the default provider in the next release of LEWS. Thanks for reporting this bug! |
Thanks for the answer, Name Type Microsoft Base Cryptographic Provider v1.0 RSA Full (Signature and Key Exchange) Maybee Process is interferred throuh installed Certsrv. Log with --verbose [INFO] Let's Encrypt Windows Simple (LEWS) [DBUG] Renewal period: 55 N: Create new certificate Please choose from the menu: n [INFO] Running in Simple mode 1: Single binding of an IIS site Which kind of certificate would you like to create?: 3 [DBUG] Scanning IIS sites 1312694709: Companyweb (1 bindings) [@C:\inetpub\wwwroot\wss\VirtualDirectories\Companyweb80] Enter a comma separated list of site IDs, or 'S' to run for all sites: 1,4,5,6,7
Press enter to include all listed hosts, or type a comma-separated lists of exclusions: [INFO] Plugin IISSites generated target [IISSites] 1,4,5,6,7 [14 bindings - mangaard-informatik.de, ...] [--test] Try in default browser? (y/n): - yes Press enter to continue... [DBUG] Submitting answer [--test] Try in default browser? (y/n): - yes Press enter to continue... [DBUG] Submitting answer [--test] Try in default browser? (y/n): - yes Press enter to continue... [DBUG] Submitting answer [--test] Try in default browser? (y/n): - yes Press enter to continue... [DBUG] Submitting answer [--test] Try in default browser? (y/n): - yes Press enter to continue... [DBUG] Submitting answer [--test] Try in default browser? (y/n): - yes Press enter to continue... [DBUG] Submitting answer [--test] Try in default browser? (y/n): - yes Press enter to continue... [DBUG] Submitting answer [--test] Try in default browser? (y/n): - yes Press enter to continue... [DBUG] Submitting answer [--test] Try in default browser? (y/n): - yes Press enter to continue... [DBUG] Submitting answer [--test] Try in default browser? (y/n): - yes Press enter to continue... [DBUG] Submitting answer [--test] Try in default browser? (y/n): - yes Press enter to continue... [DBUG] Submitting answer [--test] Try in default browser? (y/n): - yes Press enter to continue... [DBUG] Submitting answer [--test] Try in default browser? (y/n): - yes Press enter to continue... [DBUG] Submitting answer [--test] Try in default browser? (y/n): - yes Press enter to continue... [DBUG] Submitting answer N: Create new certificate Please choose from the menu: |
This is odd, the logger seems to be acting up. I don't see any of the [VERB] messages in your log. Also it shows a debug message which I don't see in my builds. Would you mind trying this build to see if it gives you a proper error message? |
After Unzipping your File and running it i bekame a Message about missing files.
I copied them from Version: 1.9.8.4
and Ran your version.
Essensial is the Warning at the end:
Press enter to continue... [DBUG] Submitting answer
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/sjuaYOIj7xezJas22lX1CbF4ftOK_OBMEOQEYl4docc/101105800
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-staging.api.letsencrypt.org/acme/authz/sjuaYOIj7xezJas22lX1CbF4ftOK_OBMEOQEYl4docc
[INFO] Authorization result: valid
[DBUG] Deleting web.config
[DBUG] Deleting answer
[DBUG] Certificate folder: C:\ProgramData\letsencrypt-win-simple\httpsacme-staging.api.letsencrypt.org
[DBUG] Certificate store: My
[DBUG] RSAKeyBits: 2048
[INFO] Requesting certificate 1,4,5,6,7 2018.2.13 12:39:56
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/new-cert
[INFO] Saving certificate to C:\ProgramData\letsencrypt-win-simple\httpsacme-staging.api.letsencrypt.org
[WARN] Error converting private key to Microsoft RSA SChannel Cryptographic Provider, which means it might not be usable for Exchange.
[DBUG] Set private key exportable
[--test] Do you want to install the certificate? (y/n): - no
The debug messages commes because of setting “<add key="serilog:minimum-level" value="Debug" />” in the “letsencrypt.exe.config”
You find the complete Log in attached file.
Kindly Regards
Mangaard Informatik
Peer-Renè Mangaard
Berchenstr. 42A
D-78467 Konstanz
Telefon: +49 (0)7531 78632
Telefax: +49 (0)7531 78602
Mobil: +49 (0)171 6247 110
Internet: http://www.mangaard-informatik.de/
P Bitte denken Sie an die Umwelt und drucken Sie diese E-Mail nur aus, wenn es unbedingt erforderlich ist!
Diese Nachricht wurde auf Viren überprüft.
This mail was checked for viruses.
Ce mail a été vérifié.
…_____________________________________________________________________________________________
E-Mail Disclaimer
Der Inhalt dieser E-Mail ist ausschliesslich fuer den bezeichneten Adressaten bestimmt. Wenn Sie nicht der vorgesehene Adressat dieser E-Mail oder dessen Vertreter sein sollten, so beachten Sie bitte, dass jede Form der Kenntnisnahme, Veroeffentlichung, Vervielfaeltigung oder Weitergabe des Inhalts dieser E-Mail unzulaessig ist. Wir bitten Sie, sich in diesem Fall mit dem Absender der E-Mail in Verbindung zu setzen.
The information contained in this email is intended solely for the addressee. Access to this email by anyone else is unauthorized. If you are not the intended recipient, any form of disclosure, reproduction, distribution or any action taken or refrained from in reliance on it, is prohibited and may be unlawful. Please notify the sender immediately.
L'information contenue dans cet email est prévue seulement pour le destinataire. L'Access à cet email par n'importe qui est autrement non autorisé. Si vous n'êtes pas le destinataire prévu, aucune forme de révélation, reproduction, distribution ou aucune mesure prise ou abstenue à dans la confiance là-dessus, est interdit et peut être illégal. Veuillez informer l'expéditeur immédiatement.
_____________________________________________________________________________________________
Von: Wouter Tinus [mailto:notifications@github.com]
Gesendet: Montag, 12. Februar 2018 18:41
An: Lone-Coder/letsencrypt-win-simple <letsencrypt-win-simple@noreply.github.com>
Cc: Mangaard-Informatik <Mangaard@Mangaard-Informatik.de>; Author <author@noreply.github.com>
Betreff: Re: [Lone-Coder/letsencrypt-win-simple] Create certificate failed in SBS2012 (all authorization result: valid) (#741)
This is odd, the logger seems to be acting up. I don't see any of the [VERB] messages in your log. Also it shows a debug message which I don't see in my builds.
Would you mind trying this build to see if it gives you a proper error message?
letsencrypt.zip<https://github.com/Lone-Coder/letsencrypt-win-simple/files/1717198/letsencrypt.zip>
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub<#741 (comment)>, or mute the thread<https://github.com/notifications/unsubscribe-auth/ATyjAjIVzUK_5ahwZMzZtZBkRmMJFGTtks5tUHefgaJpZM4SBA8m>.
C:\inetpub\AdminScripts>C:\Users\Public\Downloads\__Wouter_Tinus_Build_letsencrypt\letsencrypt.exe --test --verbose
[DBUG] Options: Options {BaseUri="https://acme-v01.api.letsencrypt.org/", Test=True, Verbose=True, Renew=False, ForceRenewal=False, Plugin=null, SiteId=null, ExcludeBindings=null, Hide
Https=False, ManualHost=null, ManualTargetIsIIS=False, Validation=null, ValidationMode="http-01", WebRoot=null, ValidationPort=null, ValidationSiteId=null, Warmup=False, UserName=null,
Password=null, AzureTenantId=null, AzureClientId=null, AzureSecret=null, AzureSubscriptionId=null, AzureResourceGroupName=null, DnsCreateScript=null, DnsDeleteScript=null, KeepExisting=
False, CentralSslStore=null, CertificateStore=null, Installation=[], InstallationSiteId=null, SSLPort=443, Script=null, ScriptParameters=null, CloseOnFinish=False, NoTaskScheduler=False
, UseDefaultTaskUser=False, Cancel=False, AcceptTos=False, EmailAddress=null}
[DBUG] Test parameter set: https://acme-staging.api.letsencrypt.org/
[DBUG] Config folder: C:\ProgramData\letsencrypt-win-simple\httpsacme-staging.api.letsencrypt.org
[INFO] Let's Encrypt Windows Simple (LEWS)
[INFO] Software version 198.4.6617.33472 (DEBUG)
[INFO] IIS version 7.5
[INFO] ACME Server https://acme-staging.api.letsencrypt.org/
[INFO] Please report issues at https://github.com/Lone-Coder/letsencrypt-win-simple
[DBUG] Renewal period: 55
N: Create new certificate
M: Create new certificate with advanced options
L: List scheduled renewals
R: Renew scheduled
S: Renew specific
A: Renew *all*
V: Revoke certificate
C: Cancel scheduled renewal
X: Cancel *all* scheduled renewals
Q: Quit
Please choose from the menu: m
[INFO] Running in Advanced mode
1: Single binding of an IIS site
2: SAN certificate for all bindings of an IIS site
3: SAN certificate for all bindings of multiple IIS sites
4: Manually input host names
C: Cancel
Which kind of certificate would you like to create?: 3
[DBUG] Scanning IIS sites
[INFO] No valid hosts found for SBS SharePoint.
[INFO] No valid hosts found for SharePoint Central Administration v4.
[INFO] No valid hosts found for SharePoint Web Services.
[INFO] No valid hosts found for WSUS-Verwaltung.
1312694709: Companyweb (1 bindings) [@C:\inetpub\wwwroot\wss\VirtualDirectories\Companyweb80]
1: Default Web Site (4 bindings) [@C:\inetpub\wwwroot]
7: Mangaard.de (1 bindings) [@C:\Web-Hosting\www.mangaard.de]
2: SBS Client Deployment Applications (2 bindings) [@C:\Program Files\Windows Small Business Server\Bin\webapp\ClientDeployment]
6: www.magneticpower.de (3 bindings) [@C:\Web-Hosting\www.magneticpower.de]
4: www.Mangaard.ch (3 bindings) [@C:\Web-Hosting\www.Mangaard.ch]
5: www.Mangaard-Physio.de (3 bindings) [@C:\Web-Hosting\www.Mangaard-Physio.de]
Enter a comma separated list of site IDs, or 'S' to run for all sites: 1,4,5,6,7
* mangaard-informatik.de
* www.mangaard-informatik.de
* remote.mangaard-informatik.de
* mail.mangaard-informatik.de
* www.mangaard.ch
* mangaard.ch
* mail.mangaard.ch
* www.mangaard-physio.de
* mangaard-physio.de
* mail.mangaard-physio.de
* www.magneticpower.de
* magneticpower.de
* mail.magneticpower.de
* mangaard.de
Press enter to include all listed hosts, or type a comma-separated lists of exclusions:
[INFO] Plugin IISSites generated target [IISSites] 1,4,5,6,7 [14 bindings - mangaard-informatik.de, ...]
1: [dns-01] Azure DNS
2: [dns-01] Run external program/script to create and update records
3: [http-01] Create temporary application in IIS
4: [http-01] Save file on local (network) path
5: [http-01] Upload verification file to FTP(S) server
6: [http-01] Self-host verification files (recommended)
7: [http-01] Upload verification file to WebDav path
C: Cancel
How would you like to validate this certificate?: 6
1: Create or update IIS bindings
2: Run external script
3: Do not run any installation steps
C: Cancel
Which installer should run for the certificate?: 3
[DBUG] Scanning IIS sites
[DBUG] Loading signer from C:\ProgramData\letsencrypt-win-simple\httpsacme-staging.api.letsencrypt.org\Signer
[DBUG] Getting AcmeServerDirectory
[DBUG] Send GET request to https://acme-staging.api.letsencrypt.org/directory
[DBUG] Loading registration from C:\ProgramData\letsencrypt-win-simple\httpsacme-staging.api.letsencrypt.org\Registration
[INFO] Authorize identifier: mangaard-informatik.de
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz
[INFO] Authorizing mangaard-informatik.de using http-01 validation (SelfHosting)
[DBUG] Writing web.config
[INFO] Answer should now be browsable at http://mangaard-informatik.de/.well-known/acme-challenge/pq3o2aVVKiWbG1EQXlJGvCZCHkalRnvU-Zg7JB89b-E
[--test] Try in default browser? (y/n): - yes
Press enter to continue... [DBUG] Submitting answer
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/K1j9vAPnm9gVu77xC5P745uV9IZhsC4HUK4vrQLBiL4/101104206
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-staging.api.letsencrypt.org/acme/authz/K1j9vAPnm9gVu77xC5P745uV9IZhsC4HUK4vrQLBiL4
[INFO] Authorization result: valid
[DBUG] Deleting web.config
[DBUG] Deleting answer
[INFO] Authorize identifier: www.mangaard-informatik.de
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz
[INFO] Authorizing www.mangaard-informatik.de using http-01 validation (SelfHosting)
[DBUG] Writing web.config
[INFO] Answer should now be browsable at http://www.mangaard-informatik.de/.well-known/acme-challenge/-zR6fxEfRBgZDdYha3ldFDrL0UcqwUJpzNulYZ0Msvg
[--test] Try in default browser? (y/n): - yes
Press enter to continue... [DBUG] Submitting answer
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/Igh8zikyuRnmyTPri0SNr1V-5sj30cWEkp4hI-qm-d0/101104906
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-staging.api.letsencrypt.org/acme/authz/Igh8zikyuRnmyTPri0SNr1V-5sj30cWEkp4hI-qm-d0
[INFO] Authorization result: valid
[DBUG] Deleting web.config
[DBUG] Deleting answer
[INFO] Authorize identifier: remote.mangaard-informatik.de
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz
[INFO] Authorizing remote.mangaard-informatik.de using http-01 validation (SelfHosting)
[DBUG] Writing web.config
[INFO] Answer should now be browsable at http://remote.mangaard-informatik.de/.well-known/acme-challenge/v9PG16GMJ12NIGwyPGFeiSRMC2bKzGlS9tGeTE3KXl8
[--test] Try in default browser? (y/n): - yes
Press enter to continue... [DBUG] Submitting answer
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/jjqeLO1HdUrczJ1rb8tvytUn6F8WnJPfqEG1ecg0ZiI/101104938
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-staging.api.letsencrypt.org/acme/authz/jjqeLO1HdUrczJ1rb8tvytUn6F8WnJPfqEG1ecg0ZiI
[INFO] Authorization result: valid
[DBUG] Deleting web.config
[DBUG] Deleting answer
[INFO] Authorize identifier: mail.mangaard-informatik.de
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz
[INFO] Authorizing mail.mangaard-informatik.de using http-01 validation (SelfHosting)
[DBUG] Writing web.config
[INFO] Answer should now be browsable at http://mail.mangaard-informatik.de/.well-known/acme-challenge/HmgnCSz_o6RIWpqhUphsP3dubctxbi_PKDVMzdihz3g
[--test] Try in default browser? (y/n): - yes
Press enter to continue... [DBUG] Submitting answer
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/6Jgq_D0Wns3P9AOAJB64GkhNOlAtgovyt4S20CHFDks/101104962
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-staging.api.letsencrypt.org/acme/authz/6Jgq_D0Wns3P9AOAJB64GkhNOlAtgovyt4S20CHFDks
[INFO] Authorization result: valid
[DBUG] Deleting web.config
[DBUG] Deleting answer
[INFO] Authorize identifier: mangaard.de
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz
[INFO] Authorizing mangaard.de using http-01 validation (SelfHosting)
[DBUG] Writing web.config
[INFO] Answer should now be browsable at http://mangaard.de/.well-known/acme-challenge/q8gkqNnM7tXxcmP6bplhyjO6VMYVsWOqFWHDlrlTxt8
[--test] Try in default browser? (y/n): - yes
Press enter to continue... [DBUG] Submitting answer
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/3C7q3c74DlkuUcPoMgEIiOgqp288Nq9vhABoFQpb8B8/98124681
[INFO] Authorization result: valid
[DBUG] Deleting web.config
[DBUG] Deleting answer
[INFO] Authorize identifier: www.magneticpower.de
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz
[INFO] Authorizing www.magneticpower.de using http-01 validation (SelfHosting)
[DBUG] Writing web.config
[INFO] Answer should now be browsable at http://www.magneticpower.de/.well-known/acme-challenge/ToBezvdeDUkeg1ZBIO9pLDGWQ3xN_da_veWk8q2zm_U
[--test] Try in default browser? (y/n): - yes
Press enter to continue... [DBUG] Submitting answer
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/IXLwOGVhqRBBajd_knS7Mp2xRc6XyxZyqhyknl-QxYM/101105009
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-staging.api.letsencrypt.org/acme/authz/IXLwOGVhqRBBajd_knS7Mp2xRc6XyxZyqhyknl-QxYM
[INFO] Authorization result: valid
[DBUG] Deleting web.config
[DBUG] Deleting answer
[INFO] Authorize identifier: magneticpower.de
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz
[INFO] Authorizing magneticpower.de using http-01 validation (SelfHosting)
[DBUG] Writing web.config
[INFO] Answer should now be browsable at http://magneticpower.de/.well-known/acme-challenge/msjEUxmMHnVQvbqD--FrCYAw2DGLKDupZzFY7iPWwh8
[--test] Try in default browser? (y/n): - yes
Press enter to continue... [DBUG] Submitting answer
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/rEmM3w3djdyDRg-xHf1yDDV2VHI8vR7ZmF9duQjeP_8/101105049
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-staging.api.letsencrypt.org/acme/authz/rEmM3w3djdyDRg-xHf1yDDV2VHI8vR7ZmF9duQjeP_8
[INFO] Authorization result: valid
[DBUG] Deleting web.config
[DBUG] Deleting answer
[INFO] Authorize identifier: mail.magneticpower.de
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz
[INFO] Authorizing mail.magneticpower.de using http-01 validation (SelfHosting)
[DBUG] Writing web.config
[INFO] Answer should now be browsable at http://mail.magneticpower.de/.well-known/acme-challenge/7IGKz_CJae2K8MGG2ekdUm9RLcvEOaqXpU9dF4LzVM0
[--test] Try in default browser? (y/n): - yes
Press enter to continue... [DBUG] Submitting answer
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/QiZu2HUTUDnYXUsmYkREi_5R-gxxXtPtF6H-lOCr2yA/101105513
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-staging.api.letsencrypt.org/acme/authz/QiZu2HUTUDnYXUsmYkREi_5R-gxxXtPtF6H-lOCr2yA
[INFO] Authorization result: valid
[DBUG] Deleting web.config
[DBUG] Deleting answer
[INFO] Authorize identifier: www.mangaard.ch
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz
[INFO] Authorizing www.mangaard.ch using http-01 validation (SelfHosting)
[DBUG] Writing web.config
[INFO] Answer should now be browsable at http://www.mangaard.ch/.well-known/acme-challenge/-fUDR0yRURm_NRcgRz7q_7uL5kx2mfyaO4An0-f2hr8
[--test] Try in default browser? (y/n): - yes
Press enter to continue... [DBUG] Submitting answer
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/5lBqc4FUl0qm0dWlYalJ4AadIj39rfFSwLrzNccOjl8/101105544
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-staging.api.letsencrypt.org/acme/authz/5lBqc4FUl0qm0dWlYalJ4AadIj39rfFSwLrzNccOjl8
[INFO] Authorization result: valid
[DBUG] Deleting web.config
[DBUG] Deleting answer
[INFO] Authorize identifier: mangaard.ch
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz
[INFO] Authorizing mangaard.ch using http-01 validation (SelfHosting)
[DBUG] Writing web.config
[INFO] Answer should now be browsable at http://mangaard.ch/.well-known/acme-challenge/GZAKcLraTKw3XM5v2rJVRyOPtOFAJD_QWfPSfETkji8
[--test] Try in default browser? (y/n): - yes
Press enter to continue... [DBUG] Submitting answer
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/QTxO0lzTPq90nDGrVYS5zFxxOigpawzErL16ffjtBYk/101105586
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-staging.api.letsencrypt.org/acme/authz/QTxO0lzTPq90nDGrVYS5zFxxOigpawzErL16ffjtBYk
[INFO] Authorization result: valid
[DBUG] Deleting web.config
[DBUG] Deleting answer
[INFO] Authorize identifier: mail.mangaard.ch
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz
[INFO] Authorizing mail.mangaard.ch using http-01 validation (SelfHosting)
[DBUG] Writing web.config
[INFO] Answer should now be browsable at http://mail.mangaard.ch/.well-known/acme-challenge/ekeZ4BsI-Geor1d5MtV8AWmgcgnOK-BnzZb3uea3W6Y
[--test] Try in default browser? (y/n): - yes
Press enter to continue... [DBUG] Submitting answer
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/yxXlq5S0hSLNTJm4VnmP86haaz6hIwABnn9iJUOtZw8/101105673
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-staging.api.letsencrypt.org/acme/authz/yxXlq5S0hSLNTJm4VnmP86haaz6hIwABnn9iJUOtZw8
[INFO] Authorization result: valid
[DBUG] Deleting web.config
[DBUG] Deleting answer
[INFO] Authorize identifier: www.mangaard-physio.de
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz
[INFO] Authorizing www.mangaard-physio.de using http-01 validation (SelfHosting)
[DBUG] Writing web.config
[INFO] Answer should now be browsable at http://www.mangaard-physio.de/.well-known/acme-challenge/nuUQFQlmFIj9bH7-TWeDQiYl7FsTDpQqp8fRB9_Pj5Y
[--test] Try in default browser? (y/n): - yes
Press enter to continue... [DBUG] Submitting answer
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/7LJFpP-NtpF5Qp8lFm4epH-wRU4m5rcHDrQGRYIegXg/101105731
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-staging.api.letsencrypt.org/acme/authz/7LJFpP-NtpF5Qp8lFm4epH-wRU4m5rcHDrQGRYIegXg
[INFO] Authorization result: valid
[DBUG] Deleting web.config
[DBUG] Deleting answer
[INFO] Authorize identifier: mangaard-physio.de
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz
[INFO] Authorizing mangaard-physio.de using http-01 validation (SelfHosting)
[DBUG] Writing web.config
[INFO] Answer should now be browsable at http://mangaard-physio.de/.well-known/acme-challenge/srdcIx1SU-nwi3w6R2jbKvMmWVY-laZZeJ5h83eZMw4
[--test] Try in default browser? (y/n): - yes
Press enter to continue... [DBUG] Submitting answer
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/oHBMHD4D8A1_vhAIDGmp0tco5hHcs4h-pahEWBKp8ZE/101105767
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-staging.api.letsencrypt.org/acme/authz/oHBMHD4D8A1_vhAIDGmp0tco5hHcs4h-pahEWBKp8ZE
[INFO] Authorization result: valid
[DBUG] Deleting web.config
[DBUG] Deleting answer
[INFO] Authorize identifier: mail.mangaard-physio.de
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/new-authz
[INFO] Authorizing mail.mangaard-physio.de using http-01 validation (SelfHosting)
[DBUG] Writing web.config
[INFO] Answer should now be browsable at http://mail.mangaard-physio.de/.well-known/acme-challenge/IG8KB4bAy0m-FWd0Mndz_OsciCbZLgdt7QrS3nLBtgg
[--test] Try in default browser? (y/n): - yes
Press enter to continue... [DBUG] Submitting answer
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/challenge/sjuaYOIj7xezJas22lX1CbF4ftOK_OBMEOQEYl4docc/101105800
[DBUG] Refreshing authorization
[DBUG] Send GET request to https://acme-staging.api.letsencrypt.org/acme/authz/sjuaYOIj7xezJas22lX1CbF4ftOK_OBMEOQEYl4docc
[INFO] Authorization result: valid
[DBUG] Deleting web.config
[DBUG] Deleting answer
[DBUG] Certificate folder: C:\ProgramData\letsencrypt-win-simple\httpsacme-staging.api.letsencrypt.org
[DBUG] Certificate store: My
[DBUG] RSAKeyBits: 2048
[INFO] Requesting certificate 1,4,5,6,7 2018.2.13 12:39:56
[DBUG] Send POST request to https://acme-staging.api.letsencrypt.org/acme/new-cert
[INFO] Saving certificate to C:\ProgramData\letsencrypt-win-simple\httpsacme-staging.api.letsencrypt.org
[WARN] Error converting private key to Microsoft RSA SChannel Cryptographic Provider, which means it might not be usable for Exchange.
[DBUG] Set private key exportable
[--test] Do you want to install the certificate? (y/n): - no
N: Create new certificate
M: Create new certificate with advanced options
L: List scheduled renewals
R: Renew scheduled
S: Renew specific
A: Renew *all*
V: Revoke certificate
C: Cancel scheduled renewal
X: Cancel *all* scheduled renewals
Q: Quit
Please choose from the menu:
|
So the error is where I expected it to be, but at least it's handled with a warning now, instead of it being fatal. I recommend you to use that build until the next official release comes out. |
First of all i would check if it is SBS2012 OR SBS2011... So i suggest it's not a bug in win-acme... seems like PEBKAC. |
The error is warned about but no longer fatal in the latest release. |
Issue description
Create certificate failed
But following Files could be found in "C:\ProgramData\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org" :
1,4,5,6,7-chain.pem
1,4,5,6,7-crt.der
1,4,5,6,7-crt.pem
ca-1,4,5,6,7-crt.der
ca-1,4,5,6,7-crt.pem
1,4,5,6,7-csr.pem
1,4,5,6,7-gen-csr.json
1,4,5,6,7-gen-key.json
1,4,5,6,7-key.pem
Steps to reproduce
PS C:\Windows\system32> C:\Users\Public\Downloads\letsencrypt-win-simple.v1.9.8.4\letsencrypt.exe
[DBUG] Options: Options {BaseUri="https://acme-v01.api.letsencrypt.org/", Test=False, Verbose=False, Renew=False, ForceRenewal=False, Plugin=null, SiteId=null,
ExcludeBindings=null, HideHttps=False, ManualHost=null, ManualTargetIsIIS=False, Validation=null, ValidationMode="http-01", WebRoot=null, ValidationSiteId=null
, Warmup=False, UserName=null, Password=null, AzureTenantId=null, AzureClientId=null, AzureSecret=null, AzureSubscriptionId=null, AzureResourceGroupName=null, D
nsCreateScript=null, DnsDeleteScript=null, KeepExisting=False, CentralSslStore=null, CertificateStore=null, Installation=[], InstallationSiteId=null, SSLPort=44
3, Script=null, ScriptParameters=null, CloseOnFinish=False, NoTaskScheduler=False, UseDefaultTaskUser=False, Cancel=False, AcceptTos=False, EmailAddress=null}
[DBUG] Config folder: C:\ProgramData\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org
[INFO] Let's Encrypt Windows Simple (LEWS)
[INFO] Software version 198.4.6605.15190 (RELEASE)
[INFO] IIS version 7.5
[INFO] ACME Server https://acme-v01.api.letsencrypt.org/
[INFO] Please report issues at https://github.com/Lone-Coder/letsencrypt-win-simple
[DBUG] Renewal period: 55
N: Create new certificate
M: Create new certificate with advanced options
L: List scheduled renewals
R: Renew scheduled
S: Renew specific
A: Renew all
V: Revoke certificate
C: Cancel scheduled renewal
X: Cancel all scheduled renewals
Q: Quit
Please choose from the menu: m
[INFO] Running in Advanced mode
1: Single binding of an IIS site
2: SAN certificate for all bindings of an IIS site
3: SAN certificate for all bindings of multiple IIS sites
4: Manually input host names
C: Cancel
Which kind of certificate would you like to create?: 3
[DBUG] Scanning IIS sites
[INFO] No valid hosts found for SBS SharePoint.
[INFO] No valid hosts found for SharePoint Central Administration v4.
[INFO] No valid hosts found for SharePoint Web Services.
[INFO] No valid hosts found for WSUS-Verwaltung.
1312694709: Companyweb (1 bindings) [@C:\inetpub\wwwroot\wss\VirtualDirectories\Companyweb80]
1: Default Web Site (4 bindings) [@C:\inetpub\wwwroot]
7: Mangaard.de (1 bindings) [@C:\Web-Hosting\www.mangaard.de]
2: SBS Client Deployment Applications (2 bindings) [@C:\Program Files\Windows Small Business Server\Bin\webapp\ClientDeployment]
6: www.magneticpower.de (3 bindings) [@C:\Web-Hosting\www.magneticpower.de]
4: www.Mangaard.ch (3 bindings) [@C:\Web-Hosting\www.Mangaard.ch]
5: www.Mangaard-Physio.de (3 bindings) [@C:\Web-Hosting\www.Mangaard-Physio.de]
Enter a comma separated list of site IDs, or 'S' to run for all sites: 1,4,5,6,7
Press enter to include all listed hosts, or type a comma-separated lists of exclusions:
[INFO] Plugin IISSites generated target [IISSites] 1,4,5,6,7 [14 bindings - mangaard-informatik.de, ...]
1: [dns-01] Azure DNS
2: [dns-01] Run external program/script to create and update records
3: [http-01] Create temporary application in IIS
4: [http-01] Save file on local (network) path
5: [http-01] Upload verification file to FTP(S) server
6: [http-01] Self-host verification files (recommended)
7: [http-01] Upload verification file to WebDav path
C: Cancel
How would you like to validate this certificate?: 6
1: Create or update IIS bindings
2: Run external script
3: Do not run any installation steps
C: Cancel
Which installer should run for the certificate?: 3
[DBUG] Scanning IIS sites
[DBUG] Loading signer from C:\ProgramData\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org\Signer
[DBUG] Getting AcmeServerDirectory
[DBUG] Send GET request to https://acme-v01.api.letsencrypt.org/directory
[DBUG] Loading registration from C:\ProgramData\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org\Registration
[INFO] Authorize identifier: mangaard-informatik.de
[DBUG] Send POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz
[INFO] Cached authorization result: valid
[INFO] Authorize identifier: www.mangaard-informatik.de
[DBUG] Send POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz
[INFO] Cached authorization result: valid
[INFO] Authorize identifier: remote.mangaard-informatik.de
[DBUG] Send POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz
[INFO] Cached authorization result: valid
[INFO] Authorize identifier: mail.mangaard-informatik.de
[DBUG] Send POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz
[INFO] Cached authorization result: valid
[INFO] Authorize identifier: mangaard.de
[DBUG] Send POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz
[INFO] Cached authorization result: valid
[INFO] Authorize identifier: www.magneticpower.de
[DBUG] Send POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz
[INFO] Cached authorization result: valid
[INFO] Authorize identifier: magneticpower.de
[DBUG] Send POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz
[INFO] Cached authorization result: valid
[INFO] Authorize identifier: mail.magneticpower.de
[DBUG] Send POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz
[INFO] Cached authorization result: valid
[INFO] Authorize identifier: www.mangaard.ch
[DBUG] Send POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz
[INFO] Cached authorization result: valid
[INFO] Authorize identifier: mangaard.ch
[DBUG] Send POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz
[INFO] Cached authorization result: valid
[INFO] Authorize identifier: mail.mangaard.ch
[DBUG] Send POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz
[INFO] Cached authorization result: valid
[INFO] Authorize identifier: www.mangaard-physio.de
[DBUG] Send POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz
[INFO] Cached authorization result: valid
[INFO] Authorize identifier: mangaard-physio.de
[DBUG] Send POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz
[INFO] Cached authorization result: valid
[INFO] Authorize identifier: mail.mangaard-physio.de
[DBUG] Send POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz
[INFO] Cached authorization result: valid
[DBUG] Certificate folder: C:\ProgramData\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org
[DBUG] Certificate store: My
[DBUG] RSAKeyBits: 2048
[INFO] Requesting certificate 1,4,5,6,7 2018.2.10 5:41:52
[DBUG] Send POST request to https://acme-v01.api.letsencrypt.org/acme/new-cert
[INFO] Saving certificate to C:\ProgramData\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org
[EROR] Create certificate failed
N: Create new certificate
M: Create new certificate with advanced options
L: List scheduled renewals
R: Renew scheduled
S: Renew specific
A: Renew all
V: Revoke certificate
C: Cancel scheduled renewal
X: Cancel all scheduled renewals
Q: Quit
Please choose from the menu:
Client version: letsencrypt-win-simple.v1.9.8.4
Windows version: Small Business Server 2011 Standard
Relevant part of log file:
what am I dooing wrong?
Using the Client "Certify The Web" I get all the Certificates installed, but this is not useable in IIS 7.5 - he I Need a SAN Certificate.
The text was updated successfully, but these errors were encountered: