Skip to main content

The web.config no extension mime problem Lets Encrypt on IIS/Windows

 Tip when using LetsEncrypt in Windows - Feature Requests - Let's Encrypt Community Support

In a paragraph, just use the web.config file to set the mime type, eg... 

After trying to figure out why my Lets Encrypt failed to generate in Windows, and discovering that it's the no extension mime type problem, I wondered whether certbot could fill in the missing gap.

All that is needed is the following web.config file to be placed in the same directory as the challenge

<?xml version="1.0" encoding="UTF-8"?>
 <configuration>
     <system.webServer>
         <staticContent>
             <mimeMap fileExtension="." mimeType="text/xml" />
         </staticContent>
     </system.webServer>
 </configuration>

Because there's no mime type for files without an extension on IIS, IIS sends back a 404 when verification happens. The web.config file above sets the mime type.

After I created the .well-known folder and the acme-challenge folder, and inserted the web.config there, it all worked fine.


Once You've got the pems, do something like... in openssl 

openssl pkcs12 -export -out websitename.pfx -inkey privkey1.pem -in fullchain1.pem 


See also, DigiCert Certificate Utility for Windows | DigiCert.com

See also, Install Linux Subsystem on Windows Server | Microsoft Docs

Comments

  1. Anonymous1 February 2022 at 02:55

    Merkur 23C HD Long Handled Safety Razor with Chrome Finish
    The Merkur 23C HD Long Handled Safety Razor with Chrome Finish comes complete with a closed comb 메리트카지노 design, perfect for the novice or for serious  Rating: 4.7 · ‎18 reviews · 메리트 카지노 쿠폰 ‎€30.90 · ‎In 바카라 사이트 stock

    ReplyDelete

Post a Comment

Popular posts from this blog

Fixing a https Cert in Windows

 I renewed a https cert today in Windows and had problems with the new Cert sticking in Windows It would add fine, without error, but would disappear when the IIS Server Certificates screen would refresh.  Open the Certificates in MMC (Local Machine) and inspecting the Web Hosting gave a clue, the new certificate was there, but with a key - the private key was missing.  Could be because the original certificate was created on a completely different machine and imported to this new server.  At any rate, a simple certutil command fixed it .  A tip I received from  SSL disappears from the certificate list on Windows server - SSL Certificates - Namecheap.com Key steps are:  Double-click the certificate and go to  Details  tab. In certificate details locate the  Serial Number  field, click on it and copy its value. Open Command Prompt, pressing  Win+R  and typing  cmd , then click  OK In the command prompt type:  certutil -repairstore my Serial_number  from step 9 I actually typed       cer
Post a Comment
Read more

Ever need to reset a password in Bonobo Git Server ?

So, you've forgotten your password to bonobo git. Step 1: Get access to the sqlite file, probably called something like  Bonobo.Git.Server.db, sitting in the "wwwroot\Bonobo.Git.Server\App_Data" directory. Step 2: Using another tool, generate an md5 hash of your new desired password (as far as I know, sqlite does not have md5 capability) Step 3: Back in sqlite, using SQL, update the relevant user record, something like update User set Password = UPPER( 'thenewMD5hash') where Username = 'admin' ; Step 4: That's it, you are done, log in with your newly found password.
2 comments
Read more