leo_80
11.04.20, 18:19
Hallo zusammen,
ich versuche auf einer Debian VM den certbot zur Zertifikatausstellung zu betrauen.
Der Webserver ist ein Windows Server 2019 IIS 10.0.
Das Webrootverzeichnis habe per cifs-utils gemountet.
/etc/fstab:
//192.168.99.254/wwwroot /usr/share/wwwroot cifs user=***,password=***,domain=*** 0 0
Leider meldet der IIS 404
certbot certonly --dry-run --webroot --webroot-path /usr/share/wwwroot -d mail.***.de:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mail.***.de
Using the webroot path /usr/share/wwwroot for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. mail.exitocom.de (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://mail.***.de/.well-known/acme-challenge/dUFZ-FuIQKJJ5UacrtshHY1rvSazp1PbuWQi517DKuM [***::1]: 404
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: mail.exitocom.de
Type: unauthorized
Detail: Invalid response from
http://mail.***.de/.well-known/acme-challenge/dUFZ-FuIQKJJ5UacrtshHY1rvSazp1PbuWQi517DKuM
[***::1]: 404
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
Das bestätigt sich auch:
touch /usr/share/wwwroot/.well-known/acme-challenge/dUFZ-FuIQKJJ5UacrtshHY1rvSazp1PbuWQi517DKuM
telnet 192.168.99.254 80
Trying 192.168.99.254...
Connected to 192.168.99.254.
Escape character is '^]'.
GET /.well-known/acme-challenge/dUFZ-FuIQKJJ5UacrtshHY1rvSazp1PbuWQi517DKuM HTTP/1.1
HOST: mail.***.de
HTTP/1.1 404 Not Found
Server: Microsoft-IIS/10.0
Date: Sat, 11 Apr 2020 15:01:58 GMT
Content-Length: 0
Der findet die Datei nicht, weil sie keine Dateiendung hat.
wenn ich .html anfüge kommt 200
touch /usr/share/wwwroot/.well-known/acme-challenge/dUFZ-FuIQKJJ5UacrtshHY1rvSazp1PbuWQi517DKuM.html
telnet 192.168.99.254 80
Trying 192.168.99.254...
Connected to 192.168.99.254.
Escape character is '^]'.
GET /.well-known/acme-challenge/dUFZ-FuIQKJJ5UacrtshHY1rvSazp1PbuWQi517DKuM.html HTTP/1.1
HOST: mail.***.de
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 11 Apr 2020 17:04:22 GMT
Accept-Ranges: bytes
ETag: W/"58faf23e2310d61:0"
Server: Microsoft-IIS/10.0
Date: Sat, 11 Apr 2020 15:11:32 GMT
Content-Length: 0
Irgendjemand eine Idee?
ich versuche auf einer Debian VM den certbot zur Zertifikatausstellung zu betrauen.
Der Webserver ist ein Windows Server 2019 IIS 10.0.
Das Webrootverzeichnis habe per cifs-utils gemountet.
/etc/fstab:
//192.168.99.254/wwwroot /usr/share/wwwroot cifs user=***,password=***,domain=*** 0 0
Leider meldet der IIS 404
certbot certonly --dry-run --webroot --webroot-path /usr/share/wwwroot -d mail.***.de:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for mail.***.de
Using the webroot path /usr/share/wwwroot for all unmatched domains.
Waiting for verification...
Cleaning up challenges
Failed authorization procedure. mail.exitocom.de (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://mail.***.de/.well-known/acme-challenge/dUFZ-FuIQKJJ5UacrtshHY1rvSazp1PbuWQi517DKuM [***::1]: 404
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: mail.exitocom.de
Type: unauthorized
Detail: Invalid response from
http://mail.***.de/.well-known/acme-challenge/dUFZ-FuIQKJJ5UacrtshHY1rvSazp1PbuWQi517DKuM
[***::1]: 404
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
Das bestätigt sich auch:
touch /usr/share/wwwroot/.well-known/acme-challenge/dUFZ-FuIQKJJ5UacrtshHY1rvSazp1PbuWQi517DKuM
telnet 192.168.99.254 80
Trying 192.168.99.254...
Connected to 192.168.99.254.
Escape character is '^]'.
GET /.well-known/acme-challenge/dUFZ-FuIQKJJ5UacrtshHY1rvSazp1PbuWQi517DKuM HTTP/1.1
HOST: mail.***.de
HTTP/1.1 404 Not Found
Server: Microsoft-IIS/10.0
Date: Sat, 11 Apr 2020 15:01:58 GMT
Content-Length: 0
Der findet die Datei nicht, weil sie keine Dateiendung hat.
wenn ich .html anfüge kommt 200
touch /usr/share/wwwroot/.well-known/acme-challenge/dUFZ-FuIQKJJ5UacrtshHY1rvSazp1PbuWQi517DKuM.html
telnet 192.168.99.254 80
Trying 192.168.99.254...
Connected to 192.168.99.254.
Escape character is '^]'.
GET /.well-known/acme-challenge/dUFZ-FuIQKJJ5UacrtshHY1rvSazp1PbuWQi517DKuM.html HTTP/1.1
HOST: mail.***.de
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Sat, 11 Apr 2020 17:04:22 GMT
Accept-Ranges: bytes
ETag: W/"58faf23e2310d61:0"
Server: Microsoft-IIS/10.0
Date: Sat, 11 Apr 2020 15:11:32 GMT
Content-Length: 0
Irgendjemand eine Idee?