Comments (10)
webprofusion-chrisc
commented on May 22, 2024
Thanks, the auto applied extensionless config is only under the .well-known folder - are you seeing a scenario where the more verbose config is required?
from certify.
benaadams
commented on May 22, 2024
Its in the acme-challenge folder; the issue is the asp.net mvc handler or some other handler intervenes as its earlier in the pipeline and prevents the files from being served.
As the web.config in acme-challenge is overridden when trying to get a new certificate; the solution I'm working with is to add a web.config with the clear and add up a folder in the .well-known folder so it doesn't get overwritten.
<?xml version = "1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<handlers>
<clear />
<add name="StaticFile" path="*" verb="*" type="" modules="StaticFileModule,DefaultDocumentModule,DirectoryListingModule" scriptProcessor="" resourceType="Either" requireAccess="Read" allowPathInfo="false" preCondition="" responseBufferLimit="4194304" />
</handlers>
</system.webServer>
</configuration>However its an extra manual step and would be better if it was included in the emitted web.config as suggested in the previous example.
from certify.
webprofusion-chrisc
commented on May 22, 2024
I see, I've used this on mvc sites as well as .aspx and it seemed to work ok but it could be a non-default handler involved. The config will also vary for .net core 1.0 vs .net 4.6 (different setup for handlers). Ok, It's on the todo list.
from certify.
benaadams
commented on May 22, 2024
Hmm, it might be URLRewrite as I'm doing ARR forwarding on the same site to it may be that handler that's getting in the way? It gets the file but refuses to serve it as a security protection.
from certify.
benaadams
commented on May 22, 2024
Similar issue and solution found win-acme/win-acme#37
from certify.
webprofusion-chrisc
commented on May 22, 2024
The syntax also varies slightly between iis versions (7 vs 7.5/8) so we currently automatically try one, then another. Note that if you copy in your own web.config we won't overwrite it later.
from certify.
benaadams
commented on May 22, 2024
All of them (for every site) currently get overwritten each time I try to use Certify to do a new site?
from certify.
webprofusion-chrisc
commented on May 22, 2024
Each site gets its own .well-known folder and sub folders, unless they are multiple sites/bindings pointing to the same site files. If the extensionless file check fails (the app tries to load an extensionless test file over http) then it will try its own web.config
from certify.
TonyValenti
commented on May 22, 2024
I just create #21 which fixes this problem. I was dealing with it too.
from certify.
webprofusion-chrisc
commented on May 22, 2024
Closing. Most recent release (0.9.91) has these fixes included.
from certify.
Related Issues (20)
- AutoUpdate.ps1 script is broken HOT 4
- DNS Validation Fails for IONOS DNS API HOT 2
- acme-dns DNS API failed HOT 2
- Propagation timer not being preserved when using Constellix API (posh-acme) script HOT 1
- Save button abnormalities HOT 3
- AcmeDNS Provider Error for API Update HOT 4
- Export does not exports whole chain HOT 7
- Feature Request: ARM64 Support HOT 5
- Export to .pfx with password HOT 5
- PowerShell script - with space in path / new process HOT 4
- azure.identity.1.7.0.nupkg: 1 vulnerabilities (highest severity is: 8.8)
- Error when using Export Certificate task HOT 1
- Wrong IIS binding updated HOT 2
- "Deploy to RDP Gateway service" error HOT 1
- TLS website monitoring HOT 1
- The private key generated by the ECDSA algorithm cannot be imported HOT 7
- Windows AD CS + ACME HOT 2
- system.identitymodel.tokens.jwt.6.24.0.nupkg: 1 vulnerabilities (highest severity is: 6.8)
- coverlet.msbuild.3.1.2.nupkg: 1 vulnerabilities (highest severity is: 7.5)
- coverlet.collector.3.1.2.nupkg: 1 vulnerabilities (highest severity is: 7.5)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from certify.