Issue/bug with lets...
 
Notifications
Clear all

Issue/bug with letsencrypt

5 Posts
2 Users
0 Reactions
1,161 Views
Posts: 18
Topic starter
(@wyomingrasta)
Active Member
Joined: 8 years ago

Wonder if anyone else has seen this...

Verstion 1.3.0 and just now testing out LetsEncrypt. As a forward, our sites are not named after the "www" host...we found that very limiting if client wants a new site developed then a hot cut...before we would have to delete the site to move the www hostname, long story short, sites are named like site1.domain, site2.domain, etc. We then add in the www hostname as a website pointer, along with the domain name itself.

I let the thing install the cert and after a while it comes back saying it was installed. However, going to IIS manager to check, and the site is stopped. I check the bindings and it has added several new bindings, with the correct settings except that the IP address is 0.0.0.0. I've attached a screen shot.

This was in the System log:
The World Wide Web Publishing Service (WWW Service) did not construct valid URLs for virtual site 169. Therefore, the virtual site 169 will be stopped. This can be caused by invalid characters in the site bindings. The following characters are not allowed in a site binding: """ "/" "\" "[" "]" ":" "|" " " "<" ">" "+" "=" ";" "," "?" "*" "%" "#" "@" "{" "}" "^" "`". To fix this problem please remove invalid characters from the site bindings.

The only way I could get the site running was to delete all those binding with the 0.0.0.0 address and then save...the site then could be started.

This site is named, and runs in a folder so named, admin.site.com and has a website pointer of www. I check in the SSL certs and the cert is there, with a path of, predictably, admin.site.com. I then tried to manually add a binding for www.site.com, 443, sni, All unassigned, all usual stuff, then start the site, it starts, but when you browse to it you only get the IIS site...meaning the server can't find the binding (all shared ip server). Then, I add another binding for admin.site.com, and bam, that comes up fine.

So, it appears, unless your site is actually named "www", this will not work. Even if a website pointer for www is there, it still won't work. I tried many different things, always the same result, sadly.

4 Replies
Posts: 1995
Admin
(@m-tiggelaar)
Noble Member
Joined: 9 years ago

Hello,

I think this is a problem with the client we use: LetsEncrypt win Simple.

However the odd thing is the bindings are normally supposed to be created pretty well (by the client).

besides * bindings do you have any dedicated ip's or something configured somewhere? (as there are some bugs with sni and iis if actual ip's are used).

Regards,

Marco

Reply
Posts: 18
Topic starter
(@wyomingrasta)
Active Member
Joined: 8 years ago

Hi Marco!

No...we don't ...besides, you guys set this server up for us, remember? It just uses one IP in a shared setup.

Steve.

Reply
Posts: 1995
Admin
(@m-tiggelaar)
Noble Member
Joined: 9 years ago

So what are you getting when you run SolidCP ServerbinLetsEncryptletsencrypt.exe --plugin iissite --siteid 1 --emailaddress myaddress@example.com --accepttos --closeonfinish 

where siteid is the actual site id (not site name).

As this is in essense what SolidCP runs

Reply
Posts: 18
Topic starter
(@wyomingrasta)
Active Member
Joined: 8 years ago

Gives me the following menu on the command line:

Reply
Share: