Hallo zusammen!
Ich benutzte seit einigen Monaten problemlos das CAv3, bekomme es aber im Moment nicht hin, das Zertifikat zu verlängern. Ich bekomme diverse Fehlermeldungen, obwohl am Script nichts geändert worden ist. Port 80 und 443 sind frei.
LOG:
22.09.2020 15:48:09;System;Info;Geting system parameters;
22.09.2020 15:48:09;System;Info;Certificate Assistant Exchange 2016 Version;
22.09.2020 15:48:09;System;Info;PowerShell Version: 5.1.14393.3471 OSVersion: 10.0.14393.0;
22.09.2020 15:48:09;Check Posh-ACME;Info;Check if Module installed;
22.09.2020 15:48:09;Load Posh-ACME;Info;Posh-ACME is installed, try to load it;
22.09.2020 15:48:10;Load Posh-ACME;Info;Module Import was successfull, PoshACMEVersion 3.12.0 3.16.0;
22.09.2020 15:48:10;Load Exchange SnapIns;Info;Try to load Exchange SnapIns;
22.09.2020 15:48:10;Load Exchange SnapIns;Info;Sucessfully loaded Exchange SnapIns;
22.09.2020 15:48:10;IIS;Info;Trying to create .Well-Known Directory;
22.09.2020 15:48:10;IIS;Info;Well-Known Folder already exists, skipping;
22.09.2020 15:48:10;IIS;Warning;Mime Type was not added to Well-Known folder, maybe it was already added;
22.09.2020 15:48:10;IIS;Info;Changing Let's Encrypt IIS directory to http;
22.09.2020 15:48:10;IIS;Info;Successfully changed Let's Encrypt IIS directory to http;
22.09.2020 15:48:10;IIS;Info;Checking Let's Encrypt IIS directory to accept validation by http request;
22.09.2020 15:48:10;IIS;Info;.well-known directory accepts http;
22.09.2020 15:48:10;Exchange FQDNs;Info;Getting Exchange FQDNs;
22.09.2020 15:48:10;Exchange FQDNs;Info;Getting local Exchange Server Name;
22.09.2020 15:48:10;Exchange FQDNs;Info;Local Exchange Name EXCHANGE;
22.09.2020 15:48:10;Exchange FQDNs;Info;Getting Autodiscover Hostname;
22.09.2020 15:48:10;Exchange FQDNs;Info;Autodiscover Hostname autodiscover.meinedomain.de.de;
22.09.2020 15:48:10;Exchange FQDNs;Info;Getting Exchange Outlook Anywhere External FQDN;
22.09.2020 15:48:11;Exchange FQDNs;Info;Exchange Outlook Anywhere External FQDN meinedomain.de;
22.09.2020 15:48:11;Exchange FQDNs;Info;Getting Exchange Outlook Anywhere Internal FQDN;
22.09.2020 15:48:12;Exchange FQDNs;Info;Exchange Outlook Anywhere Internal FQDN meinedomain.de;
22.09.2020 15:48:12;Exchange FQDNs;Info;Getting Exchange OAB External FQDN;
22.09.2020 15:48:12;Exchange FQDNs;Info;Exchange OAB External FQDN meinedomain.de;
22.09.2020 15:48:12;Exchange FQDNs;Info;Getting Exchange OAB Internal FQDN;
22.09.2020 15:48:13;Exchange FQDNs;Info;Exchange OAB Internal FQDN meinedomain.de;
22.09.2020 15:48:13;Exchange FQDNs;Info;Getting Exchange EAS Internal FQDN;
22.09.2020 15:48:14;Exchange FQDNs;Info;Exchange EAS Internal FQDN meinedomain.de;
22.09.2020 15:48:14;Exchange FQDNs;Info;Getting Exchange EAS External FQDN;
22.09.2020 15:48:15;Exchange FQDNs;Info;Exchange EAS External FQDN meinedomain.de
22.09.2020 15:48:15;Exchange FQDNs;Info;Getting Exchange EWS Internal FQDN;
22.09.2020 15:48:16;Exchange FQDNs;Info;Exchange EWS Internal FQDN meinedomain.de;
22.09.2020 15:48:16;Exchange FQDNs;Info;Getting Exchange EWS External FQDN;
22.09.2020 15:48:17;Exchange FQDNs;Info;Exchange EWS External FQDN meinedomain.de;
22.09.2020 15:48:17;Exchange FQDNs;Info;Getting Exchange ECP Internal FQDN;
22.09.2020 15:48:18;Exchange FQDNs;Error;Error geting Exchange ECP FQDNs;Es ist nicht möglich, eine Methode für einen Ausdruck aufzurufen, der den NULL hat.
22.09.2020 15:48:18;Exchange FQDNs;Info;Getting Exchange OWA Internal FQDN;
22.09.2020 15:48:19;Exchange FQDNs;Info;Exchange OWA Internal FQDN meinedomain.de;
22.09.2020 15:48:19;Exchange FQDNs;Info;Getting Exchange OWA External FQDN;
22.09.2020 15:48:20;Exchange FQDNs;Info;Exchange OWA ExternalFQDN meinedomain.de;
22.09.2020 15:48:20;Exchange FQDNs;Info;Getting Exchange MAPI Internal FQDN;
22.09.2020 15:48:20;Exchange FQDNs;Info;Exchange MAPI Internal FQDN meinedomain.de;
22.09.2020 15:48:20;Exchange FQDNs;Info;Getting Exchange MAPI External FQDN;
22.09.2020 15:48:21;Exchange FQDNs;Info;Exchange MAPI External FQDN meinedomain.de;
22.09.2020 15:48:21;Exchange FQDNs;Info;Make them unique;
22.09.2020 15:48:21;Exchange FQDNs;Info;FQDNs are unique;
22.09.2020 15:48:21;LE System;Info;Setting LE Mode;
22.09.2020 15:48:21;LE System;Info;Setting LE Mode to PRODUCTION MODE (LIVE SYSTEM);
22.09.2020 15:48:21;LE System;Info;Checking for existing LE Account;
22.09.2020 15:48:21;LE System;Info;Found a existing LE Account;
22.09.2020 15:48:21;LE Certificate;Info;Trying to create a new order for a certificate;
22.09.2020 15:48:22;LE Certificate;ERROR;Can't order certificate: Ausnahme beim Aufrufen von "Parse" mit 1 Argument(en): "Die Zeichenfolge wurde nicht als gültiges DateTime erkannt.";
22.09.2020 15:48:22;LE System;Info;Creating Autorisation files for LE verification;
22.09.2020 15:48:22;LE System;Info;Asking LE to verify the order;
22.09.2020 15:48:22;LE System;Info;Successfully informed LE to verify the order;
22.09.2020 15:48:22;LE System;INFO;Let's give LE some time to validate (1 min);1 min
22.09.2020 15:49:22;LE System;INFO;Time to wake up, need coffee!;
22.09.2020 15:49:22;LE System;INFO;Let's check the authorization;
22.09.2020 15:49:22;LE System;INFO;Let's refresh the order;
22.09.2020 15:49:22;LE System;INFO;Let's check if order is ready;
22.09.2020 15:49:22;LE System;ERROR;Order is NOT ready;
get-paorder | fl
status : valid
expires : 2020-09-28T08:19:31Z
identifiers : {@{value=autodiscover.meinedomain.de; type=dns}, @{value=remo
type=dns}}
authorizations : { https://acme-v02.api.letsencrypt.org/acme/authz-v3/7364545635,
https://acme-v02.api.letsencrypt.org/acme/authz-v3/7364545636}
finalize : https://acme-v02.api.letsencrypt.org/acme/finalize/80725852/5294904
MainDomain : autodiscover.meinedomain.de
SANs : {remote.meinedomain.de}
KeyLength : 2048
CertExpires :
RenewAfter :
OCSPMustStaple : False
DnsPlugin : {Manual}
DnsAlias :
DnsSleep : 120
ValidationTimeout : 60
FriendlyName : autodiscover.meinedomain.de
PfxPass : wurdegeaendert
Install : False
certificate : https://acme-v02.api.letsencrypt.org/acme/cert/03fb2e83965507f15615
location : https://acme-v02.api.letsencrypt.org/acme/order/80725852/5294904712
get-paorder | Get-PAAuthorizations
autodiscover.meinedomain.de valid 21.10.2020 10:19:36 valid
remote.meinedomain.de valid 21.10.2020 10:19:36 valid
Hi,
schau dir mal die Alternative an:
Gruß,
Frank
Hallo Frank,
vielen Dank für die Alternative, hat damit auf Anhieb funktioniert. Ebenfalls danke ich dir für deine bisherige Arbeit mit dem ExchangeCertificate!
Viele Grüße
L
Hallo zusammen,
ich habe genau das gleiche Problem mit einem Exchange 2019 Server. Port 80 und 443 werden an den Server weitergeleitet. Ich bekomme die gleiche Meldung: Order is NOT ready.
Ich füge mal die Logs hinzu:
08.02.2021 11:39:39 - IIS - Info - Changing Let's Encrypt IIS directory to http
08.02.2021 11:39:40 - IIS - Info - Successfully changed Let's Encrypt IIS directory to http
08.02.2021 11:39:40 - IIS - Info - Checking Let's Encrypt IIS directory to accept validation by http request
08.02.2021 11:39:40 - IIS - Info - .well-known directory accepts http
08.02.2021 11:39:40 - Exchange FQDNs - Info - Getting Exchange FQDNs
08.02.2021 11:39:40 - Exchange FQDNs - Info - Getting local Exchange Server Name
08.02.2021 11:39:40 - Exchange FQDNs - Info - Local Exchange Name SERVER-NAME
08.02.2021 11:39:40 - Exchange FQDNs - Info - Getting Autodiscover Hostname
08.02.2021 11:39:40 - Exchange FQDNs - Info - Autodiscover Hostname autodiscover.meinedomain.de
08.02.2021 11:39:40 - Exchange FQDNs - Info - Getting Exchange Outlook Anywhere External FQDN
08.02.2021 11:39:40 - Exchange FQDNs - Error - Error geting Exchange Outlook Anywhere FQDNs
08.02.2021 11:39:40 - Exchange FQDNs - Info - Getting Exchange OAB External FQDN
08.02.2021 11:39:41 - Exchange FQDNs - Info - Exchange OAB External FQDN mail.meinedomain.de
08.02.2021 11:39:41 - Exchange FQDNs - Info - Getting Exchange OAB Internal FQDN
08.02.2021 11:39:42 - Exchange FQDNs - Info - Exchange OAB Internal FQDN mail.meinedomain.de
08.02.2021 11:39:42 - Exchange FQDNs - Info - Getting Exchange EAS Internal FQDN
08.02.2021 11:39:43 - Exchange FQDNs - Info - Exchange EAS Internal FQDN mail.meinedomain.de
08.02.2021 11:39:43 - Exchange FQDNs - Info - Getting Exchange EAS External FQDN
08.02.2021 11:39:44 - Exchange FQDNs - Info - Exchange EAS External FQDN mail.meinedomain.de
08.02.2021 11:39:44 - Exchange FQDNs - Info - Getting Exchange EWS Internal FQDN
08.02.2021 11:39:45 - Exchange FQDNs - Info - Exchange EWS Internal FQDN mail.meinedomain.de
08.02.2021 11:39:45 - Exchange FQDNs - Info - Getting Exchange EWS External FQDN
08.02.2021 11:39:45 - Exchange FQDNs - Info - Exchange EWS External FQDN mail.meinedomain.de
08.02.2021 11:39:45 - Exchange FQDNs - Info - Getting Exchange ECP Internal FQDN
08.02.2021 11:39:46 - Exchange FQDNs - Info - Exchange EWS Internal FQDN mail.meinedomain.de
08.02.2021 11:39:46 - Exchange FQDNs - Info - Getting Exchange ECP External FQDN
08.02.2021 11:39:47 - Exchange FQDNs - Info - Exchange ECP External FQDN mail.meinedomain.de
08.02.2021 11:39:47 - Exchange FQDNs - Info - Getting Exchange OWA Internal FQDN
08.02.2021 11:39:48 - Exchange FQDNs - Info - Exchange OWA Internal FQDN mail.meinedomain.de
08.02.2021 11:39:48 - Exchange FQDNs - Info - Getting Exchange OWA External FQDN
08.02.2021 11:39:49 - Exchange FQDNs - Info - Exchange OWA ExternalFQDN mail.meinedomain.de
08.02.2021 11:39:49 - Exchange FQDNs - Info - Getting Exchange MAPI Internal FQDN
08.02.2021 11:39:50 - Exchange FQDNs - Info - Exchange MAPI Internal FQDN mail.meinedomain.de
08.02.2021 11:39:50 - Exchange FQDNs - Info - Getting Exchange MAPI External FQDN
08.02.2021 11:39:50 - Exchange FQDNs - Info - Exchange MAPI External FQDN mail.meinedomain.de
08.02.2021 11:39:50 - Exchange FQDNs - Info - Make them unique
08.02.2021 11:39:50 - Exchange FQDNs - Info - FQDNs are unique
08.02.2021 11:39:50 - LE System - Info - Setting LE Mode
08.02.2021 11:39:51 - LE System - Info - Setting LE Mode to STAGE MODE (TESTING ONLY)
08.02.2021 11:39:51 - LE System - Info - Checking for existing LE Account
08.02.2021 11:39:51 - LE System - Info - Found a existing LE Account
08.02.2021 11:39:51 - LE Certificate - Info - Trying to create a new order for a certificate
08.02.2021 11:39:52 - LE Certificate - Info - Successfully ordered certificate
08.02.2021 11:39:52 - LE System - Info - Creating Autorisation files for LE verification
08.02.2021 11:39:53 - LE System - Info - Asking LE to verify the order
08.02.2021 11:39:53 - LE System - Info - Successfully informed LE to verify the order
08.02.2021 11:39:53 - LE System - INFO - Let's give LE some time to validate (1 min)
08.02.2021 11:40:53 - LE System - INFO - Time to wake up, need coffee!
08.02.2021 11:40:53 - LE System - INFO - Let's check the authorization
08.02.2021 11:40:54 - LE System - INFO - Authorization for autodiscover.meinedomain.de is valid
08.02.2021 11:40:54 - LE System - INFO - Authorization for mail.meinedomain.de is valid
08.02.2021 11:40:54 - LE System - INFO - Let's refresh the order
08.02.2021 11:40:54 - LE System - INFO - Let's check if order is ready
08.02.2021 11:40:54 - LE System - ERROR - Order is NOT ready
Get-PAOrder | fl
status : invalid
expires : 2021-02-15T10:39:56Z
identifiers : {System.Collections.Hashtable, System.Collections.Hashtable}
authorizations : { https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/205248605, https://acme-staging-v02.api.letsencrypt.org/acme/authz-v3/205248606}
finalize : https://acme-staging-v02.api.letsencrypt.org/acme/finalize/17897583/236191028
OCSPMustStaple : False
DnsSleep : 120
PfxPass : xxxxxxxxxx
PreferredChain :
AlwaysNewKey : False
DnsAlias :
MainDomain : autodiscover.meinedomain.de
FriendlyName : autodiscover.meinedomain.de
CertExpires :
KeyLength : 2048
RenewAfter :
Install : False
UseSerialValidation : False
Plugin : {Manual}
SANs : {mail.meinedomain.de}
ValidationTimeout : 60
certificate :
location : https://acme-staging-v02.api.letsencrypt.org/acme/order/17897583/236191028
get-paorder | Get-PAAuthorizations
fqdn status Expires DNS01Status HTTP01Status
---- ------ ------- ----------- ------------
autodiscover.meinedomain.de invalid 15.02.2021 11:39:56 invalid
mail.meinedomain.de invalid 15.02.2021 11:39:56 invalid
Hat jemand eine Idee oder einen Lösungsvorschlag? Ich habe auch den Beitrag "Certificate Assistant - neue Version 12/2019" gefunden und die darin Lösungsvorschläge "$IISMimeType" auskommentieren, "*" setzen etc. ausprobiert. Leider ohne Erfolg.
Würde mich sehr freuen, wenn jemand helfen kann.
Bei dir steht unten zweimal, dass die Domain invalide ist/wäre. Bist du dir sicher, dass es funktionierende DNS bzw PTR Einträge zu deiner Domain gibt?
Grüße