SFTP

Upload verification files via SSH-FTP

Plugin type HTTP validation
Download Built-in
Compatibility All platforms

Description

This plugin uploads the validation challenge via SSH-FTP, also known as SFTP.

web.config

Optionally this plugin can place a web.config next to the validation file, to help IIS properly serve the response. There are many reasons why IIS can fail to properly serve the file. Some of them can be fixed this way. In interactive mode the program will ask you if you want to do this. In unattended mode you can request it using the command line. The web.config that will be copied lives in the root of the program directory with the name web_config.xml. You can modify it to fit your needs, e.g. for MVC sites you might need the following:

<configuration>
    <system.webServer>
        <staticContent>
            <clear/>
            <mimeMap fileExtension = ".*" mimeType="text/json" />
        </staticContent>
        <handlers>
            <clear />
            <add name="StaticFile" 
			path="*" 
			verb="*" 
			type="" 
			modules="StaticFileModule,
			         DefaultDocumentModule,
					 DirectoryListingModule" 
			scriptProcessor="" 
			resourceType="Either"
			requireAccess="Read" 
			allowPathInfo="false" 
			preCondition="" 
			responseBufferLimit="4194304" />
        </handlers>
    </system.webServer>
</configuration>

Or to disable URL Rewriting you might need to add this (in the beginning, right after <clear />).

<rule name="LetsEncrypt Rule" stopProcessing="true">
    <match url="^\.well-known.*$" />
    <action type="None" />
</rule>

Let us know if you could use a similar feature for uploading an .htaccess!

Command line

--validation sftp Activates the plugin
‑‑username Username for remote server
‑‑password Password for remote server

You may pass the secret in plain text, but can also use a reference to the secret vault like "vault://json/mysecret".

‑‑webroot Root path of the site that will serve the HTTP validation requests.
‑‑manualtargetisiis Copy default web.config to the .well-known directory.

Examples

Typical --validation sftp ‑‑webroot sftp://example.com/path/ ‑‑username simple-acme ‑‑password *****

JSON

ID 048aa2e7-2bce-4d3e-b731-6e0ed8b8170d

Settings

Validation.CleanupFolders If set to true, the program will automatically delete file it created after HTTP validation is complete. It will also cleanup the ./well-known/acme-challenge folder, if (and only if) there are no other files present.

Type: boolean
Default: true

Looking for win-acme?

simple-acme is a backwards compatible, drop-in replacement built by the same person. Project history.