Lets encrypt instal...
 
Notifications
Clear all

Lets encrypt install problems

17 Posts
4 Users
0 Reactions
4,037 Views
Posts: 18
(@jnitterauer)
Active Member
Joined: 6 years ago

I get the following errors when I try to run via cmd:

[INFO] Let's Encrypt Windows Simple (LEWS)
[INFO] Software version 1.9.7.42320 (RELEASE)
[INFO] IIS version 10.0
[INFO] ACME Server https://acme-v01.api.letsencrypt.org/
[INFO] Please report issues at https://github.com/Lone-Coder/letsencrypt-win-simple

[INFO] Running in unattended mode.
[INFO] Plugin iissite generated target [IIS] CLERUSSOL.COM (SiteId 6) [4 bindings - clerussol.com, ... @ D:HostingSpacesCLERUSSOLCLERUSSOL.COMwwwroot]
[INFO] Authorizing clerussol.com using http-01 validation (FileSystem)
[INFO] Answer should now be browsable at http://clerussol.com/.well-known/acme-challenge/te8WGegIneiRUDBv6wVS7oP6Q185R-VZRJ8-sZaWaWc
[INFO] Authorization result: invalid
[INFO] Cached authorization result: valid
[INFO] Cached authorization result: valid
[INFO] Authorizing clerussolutions.com using http-01 validation (FileSystem)
[INFO] Answer should now be browsable at http://clerussolutions.com/.well-known/acme-challenge/AZF6ieaVDRps_X5ELtF1kLv88FOTVXDQ-uhJCSSGi4w
[INFO] Authorization result: invalid
[EROR] NullReferenceException: Object reference not set to an instance of an object.

So it appears that the file required for validation is NOT getting written to the web root folder leading to the NullReference.

Any ideas how to fix this?

Thanks

Jim

Reply
Posts: 18
(@jnitterauer)
Active Member
Joined: 6 years ago

So I manually tried the above commands using  Software version 1911.1.6713.13067 and was able to manually install a certificate. The version included with SolidSCP ASP.net server does not work in manual mode. I am working through some other combinations to see if I can narrow down the SolidCP issues

Reply
Posts: 18
(@jnitterauer)
Active Member
Joined: 6 years ago

After much toying with DNS and other settings, I can get SolidCP to create Let's Encrypt certificates and succeed. The only issue left to resolve is the fact that the process is not honoring the "Use centralized certificate store" setting so certs are installed locally on one machine and not shared across all servers in the farm.

The cli tool does have an option to store certs in the central store and it works correctly when done manually. This is a bug that need to be fixed.

Thanks

Jim

Reply
Posts: 1457
Admin
(@trobinson)
Noble Member
Joined: 9 years ago

Hi Jim,

Would you be able to share the command line arguments you needed to use to get this to work? I will log a feature request for this to be added when a central store is in use on the server.

Kind Regards,

Trevor Robinson

Reply
Posts: 18
(@jnitterauer)
Active Member
Joined: 6 years ago

Trevor,

I was able to use th command line like this:

letsencrypt.exe --plugin iissite --centralsslstore D:PathToStore --siteid 134 --emailaddress myaddress@example.com --accepttos --closeonfinish

The key is the --centralsslstore Path  flag. This places the PFX the shared cert repo and configured IIS correctly. If you want a password on the PFX (which I highly recommend - Shared Certs typically use a common one - you have to place a <value>YourPassword</value> in the Letsencrypt config file in the <PFXPassword> section. Hope this helps

This should easily be programmable. You can also set a whole bunch of other parameters in the config file including bit length of the keys.

If you run letencrypt -h from the cli you can see all the cli options. The --test let's you try them without issue.

Jim

Reply
Page 3 / 4
Share: