starred/AutoACME
1
0
Fork 0
mirror of https://github.com/ridercz/AutoACME.git synced 2026-04-25 15:15:53 +03:00
Code Issues 6 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #28] Waiting for authorization.....Failed! #25

New issue
Closed
opened 2026-02-26 21:31:18 +03:00 by kerem · 3 comments
kerem commented 2026-02-26 21:31:18 +03:00
Owner
Copy link

Originally created by @giacinto41 on GitHub (Aug 9, 2018).
Original GitHub issue: https://github.com/ridercz/AutoACME/issues/28

Hi,

I am having some problems with getting this certificate installed. We are trying to implement DirectAccess
and so we need to install public ssl certificates to make this work. I have a public domain (da.voltechrebuilders.com) pointing to my corporate network public IP (A and AAAA record pointing to my IP4 and IP6 address respectively), which is then forwarded to the web server on my network . I can reach the IIS default site from the internet just fine. Since we are doing this to deploy DirectAccess we don't have an actual website and so I am doing all this with the default website.

Here is my attempt at getting a certificate (trying multiple times, always the same result):

C:\CertStore\AutoACME>autoacme addhost da.voltechrebuilders.com
Altairis AutoACME Manager version 1.5.4.0
Copyright (c) Michal A. Valasek - Altairis, 2017
www.autoacme.net | www.rider.cz | www.altairis.cz

Reading configuration from 'C:\CertStore\AutoACME\autoacme.json'...OK
Checking host...OK
Requesting cerificate for da.voltechrebuilders.com:
Accepting TOS at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf...OK
Testing authorization:
Writing challenge to C:\InetPub\wwwroot\AutoAcme\probe_032d6b95-b1af-4eef-a88e-2abefdbd3bdd...OK
Testing HTTP challenge:
Preparing request to http://da.voltechrebuilders.com/.well-known/acme-challenge/probe_032d6b95-b1af-4eef-a88e-2abefdbd3bdd...OK
Getting response...OK
Reading response...OK
OK: Status code 200
OK: Content-Type header
OK: Expected response received
Deleting challenge from C:\InetPub\wwwroot\AutoAcme\probe_032d6b95-b1af-4eef-a88e-2abefdbd3bdd...OK
Getting authorization:
Creating authorization request...OK, the following is request URI:
https://acme-v01.api.letsencrypt.org/acme/authz/Wy7pKIOTpJiEm1ZaOEW6NX9c-8xTEz6okf6AAFacNAo
Getting challenge...OK, the following is challenge URI:
https://acme-v01.api.letsencrypt.org/acme/challenge/Wy7pKIOTpJiEm1ZaOEW6NX9c-8xTEz6okf6AAFacNAo/6292277342
Writing challenge to C:\InetPub\wwwroot\AutoAcme\KYJ5xdpeJMVC4-Vu6s_CNLlS6RmkUMMHaVb_WgguCjo...OK
Completing challenge...OK
Waiting for authorization.....Failed!
Last known status: invalid
Deleting challenge from C:\InetPub\wwwroot\AutoAcme\KYJ5xdpeJMVC4-Vu6s_CNLlS6RmkUMMHaVb_WgguCjo...OK
Request failed: One or more errors occurred.
Failed!
Unable to get certificate for new host.

Can anyone help, I am at a loss!!!

Originally created by @giacinto41 on GitHub (Aug 9, 2018). Original GitHub issue: https://github.com/ridercz/AutoACME/issues/28 Hi, I am having some problems with getting this certificate installed. We are trying to implement DirectAccess and so we need to install public ssl certificates to make this work. I have a public domain (da.voltechrebuilders.com) pointing to my corporate network public IP (A and AAAA record pointing to my IP4 and IP6 address respectively), which is then forwarded to the web server on my network . I can reach the IIS default site from the internet just fine. Since we are doing this to deploy DirectAccess we don't have an actual website and so I am doing all this with the default website. Here is my attempt at getting a certificate (trying multiple times, always the same result): C:\CertStore\AutoACME>autoacme addhost da.voltechrebuilders.com Altairis AutoACME Manager version 1.5.4.0 Copyright (c) Michal A. Valasek - Altairis, 2017 www.autoacme.net | www.rider.cz | www.altairis.cz Reading configuration from 'C:\CertStore\AutoACME\autoacme.json'...OK Checking host...OK Requesting cerificate for da.voltechrebuilders.com: Accepting TOS at https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf...OK Testing authorization: Writing challenge to C:\InetPub\wwwroot\AutoAcme\probe_032d6b95-b1af-4eef-a88e-2abefdbd3bdd...OK Testing HTTP challenge: Preparing request to http://da.voltechrebuilders.com/.well-known/acme-challenge/probe_032d6b95-b1af-4eef-a88e-2abefdbd3bdd...OK Getting response...OK Reading response...OK OK: Status code 200 OK: Content-Type header OK: Expected response received Deleting challenge from C:\InetPub\wwwroot\AutoAcme\probe_032d6b95-b1af-4eef-a88e-2abefdbd3bdd...OK Getting authorization: Creating authorization request...OK, the following is request URI: https://acme-v01.api.letsencrypt.org/acme/authz/Wy7pKIOTpJiEm1ZaOEW6NX9c-8xTEz6okf6AAFacNAo Getting challenge...OK, the following is challenge URI: https://acme-v01.api.letsencrypt.org/acme/challenge/Wy7pKIOTpJiEm1ZaOEW6NX9c-8xTEz6okf6AAFacNAo/6292277342 Writing challenge to C:\InetPub\wwwroot\AutoAcme\KYJ5xdpeJMVC4-Vu6s_CNLlS6RmkUMMHaVb_WgguCjo...OK Completing challenge...OK Waiting for authorization.....Failed! Last known status: invalid Deleting challenge from C:\InetPub\wwwroot\AutoAcme\KYJ5xdpeJMVC4-Vu6s_CNLlS6RmkUMMHaVb_WgguCjo...OK Request failed: One or more errors occurred. Failed! Unable to get certificate for new host. Can anyone help, I am at a loss!!!
kerem closed this issue 2026-02-26 21:31:18 +03:00
kerem commented 2026-02-26 21:31:19 +03:00
Author
Owner
Copy link

@giacinto41 commented on GitHub (Aug 9, 2018):

Hi,

I did a bit more testing and I think that my ISP is blocking port 80 for incoming connections. I have been testing from another LAN (different seperate VLAN but behind the same Router) thinking that when the site resolved everything was working.

Im assuming that there isn't another port that I could get the request from?? Ill be contacting my ISP today to confirm whether they are blocking the port and if I can open it.

Thanks

<!-- gh-comment-id:411766618 --> @giacinto41 commented on GitHub (Aug 9, 2018): Hi, I did a bit more testing and I think that my ISP is blocking port 80 for incoming connections. I have been testing from another LAN (different seperate VLAN but behind the same Router) thinking that when the site resolved everything was working. Im assuming that there isn't another port that I could get the request from?? Ill be contacting my ISP today to confirm whether they are blocking the port and if I can open it. Thanks
kerem commented 2026-02-26 21:31:19 +03:00
Author
Owner
Copy link

@ridercz commented on GitHub (Aug 15, 2018):

For HTTP verification your site needs to be reachable on port 80 (HTTP) or 443 (HTTPS). It's intentional and there is no workaround.

<!-- gh-comment-id:413201854 --> @ridercz commented on GitHub (Aug 15, 2018): For HTTP verification your site needs to be reachable on port 80 (HTTP) or 443 (HTTPS). It's intentional and there is no workaround.
kerem commented 2026-02-26 21:31:19 +03:00
Author
Owner
Copy link

@ridercz commented on GitHub (Aug 15, 2018):

See also [#11]

<!-- gh-comment-id:413207108 --> @ridercz commented on GitHub (Aug 15, 2018): See also [#11]
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
dependabot/nuget/Portable.BouncyCastle-1.8.5.2
selfhost
v1.8.0
v1.7.0
v1.6.2
v1.6.1
v1.6.0
v1.5.3
v1.5.4
1.5.2
v1.5.1
v1.5.0
v1.4.1
v1.4.0
v1.3.0
v1.2.0
v1.1.0
v1.0.1
v1.0.0
Labels
Clear labels   
pull-request

Mirrored from GitHub Pull Request

No labels
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/AutoACME#25
No description provided.