amo

Reputation: 177

Unable to generate SSL certificate with LetsEncrypt certbot using node js

I have deployed my React app on Firebase, which comes with a pre-configured SSL certificate, but I am making API calls to a node js server using HTTP and not HTTPS. Since I am accessing non-secured content from within a secured site, the browser is blocking all my API calls.

The best and obvious choice is to load all resources via HTTPS to improve the security of my site, which means generating a separate certificate signed by a 'Certificate Authority' (in this case LetsEncrypt) for my node server, but I am having trouble achieving this.

Steps To Reproduce

  1. Installed Certbot
  2. Generate an SSL certificate with Certbot with the command $ certbot certonly --manual
  3. Type your domain name
  4. Go through HTTP-01 challenge process

Questions

  1. Why do I need to provide my domain in step 3 if my domain is already secured with an SSL certificate? I mean, this is a web server and would receive API requests via public IP, so why the need for the domain?

  2. For the HTTP-01 challenge process, Certbot will ask you to create a file with an auto-generated key in your web server document root, inside the directories .well-known/acme-challenge/, and this file must contain the auth key. When I do this, I get the error below:

    Some challenges have failed. To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.

I would also be happy to receive other suggestions. Thanks for your time.

Upvotes: 0

Views: 1129

Answers (1)

Take-Some-Bytes

Reputation: 952

First, you have to understand that you have a domain which points to your Firebase-hosted React application. That domain already has a TLS (aka SSL) certificate. Now, you are trying to secure a Node.JS server, which doesn't have a domain pointing to it, using certbot, with your already-secured domain.

You should now see why that doesn't work as expected. You have a domain that is pointing to your React application, but not your Node.JS server, and you are trying to use certbot to secure that domain (which is already secured anyways). certbot will make a request to your React application for the HTTP-01 challenge, and it will fail, because the challenge isn't there.

How do you solve this? By giving your Node.JS server a domain name, and using that domain with certbot.

Now, you don't have to go and buy another domain name just for your Node.JS server. You could use a subdomain, and then make that subdomain point to your Node.JS server. Then, you could use certbot to secure your Node.JS application.

Upvotes: 2
