OptimalBits/redbird

Forbidden Request on LetsEncrypt port

kvizdos opened this issue · 7 comments

Hello all!

I've been setting up a big reverse proxy for the past day and I've gotten stuck. Whenever I try and set up SSL I get an error log saying:

```
{"name":"redbird","hostname":"{host}","pid":11420,"level":30,"msg":"Forbidden request on LetsEncrypt port 3000: E:\\Kenton Vizdos\\Documents\\HOME Router\\proxy\\certs\\{domain}\\.well-known\\acme-challenge\\test-1227b1a1905f45cddb66b45042a74963-0","time":"2019-08-08T21:06:02.246Z","v":0}
```

and then

```
Error: Error: Failed HTTP-01 Pre-Flight / Dry Run. curl 'http://{domain}/.well-known/acme-challenge/test-1227b1a1905f45cddb66b45042a74963-0' Expected: 'test-1227b1a1905f45cddb66b45042a74963-0.0SLBPsgiRroA3wEiUDUrJuauxGeFgOwl2x-S7gnM_tI' Got: ''
```

I also get 403'd whenever I try and see the page. I just don't get why it would block the verification system? Currently on Node v10.12.0.

My current code says this:

```js
proxy.register("home.{domain}.com", "127.0.0.1:" + _CONF.ports.dashboard, {
  ssl: {
    letsencrypt: {
      email: 'kvizdos@gmail.com', // Domain owner/admin email
      production: false, // WARNING: Only use this flag when the proxy is verified to work correctly to avoid being banned!
    }
  }
});
```

and the initial requiring of Redbird is:

```js
var proxy = require('redbird')({
  port: _CONF.ports.proxy,
  secure: true,
  ssl: {
    http2: true,
    port: 443
  },
  letsencrypt: {
    path: __dirname + "/certs",
  }
});
```

*I've also tried setting the port under letsencrypt to something else and it does nothing! Does the port that this calls need to be open??

Any tips would be great!

Bump? I still have yet to find any solutions :( This is the last real feature I need before I can push my project to production on my server, so any help would be greatly appreciated 😭

Have you tested your code with a real domain name?

Looks like you want to do a letsencrypt with a domain name of home.{domain}.com. I don't think this will work. It's not a valid domain name.

Test it with a proper domain name, and your public IP, not your localhost ip.

Sadly I've tested it with a public IP and real domain name.. everything seems to work now, but it's not saving any certs, no errors (that I can see) either. Very odd??

Have you opened your ports? Maybe you've closed all your ports?

I have port 80 and 443 open (and tested). Do I need to open any others?

Your error message says this:

`Forbidden request on LetsEncrypt port 3000:`

Maybe open port 3000 and see what happens.

To be honest, I haven't used this script yet, but will test it one day when I do my deployment.

Change this: `path: __dirname + "/certs",`
to: `path: __dirname + "\\certs",`

It will work on a Windows machine.
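
One possible explanation for why the separator change in the last comment helps, as an added example (not redbird's code and not from any participant in the thread): it assumes the challenge server joins the configured `path` with the request URI and returns 403 unless the result starts with the configured string. The drive path, URI and function names are constructed, and `containedCheck` goes beyond the thread to show a separator-independent containment check.

```javascript
// Added illustration, not redbird's source. path.win32 applies Windows path
// rules on any OS, so this runs the same on Linux, macOS and Windows.
const path = require('path').win32;

// Constructed stand-ins for __dirname and for an HTTP-01 challenge request path.
const DIRNAME = 'E:\\proxy';
const CHALLENGE = '/example.test/.well-known/acme-challenge/test-token';

// Assumed check: join root and URI, then require the result to begin with
// the root string exactly as it was configured.
function prefixCheck(root, uri) {
  const filename = path.join(root, uri); // join() rewrites "/" as "\"
  return { filename, allowed: filename.indexOf(root) === 0 };
}

// Separator-independent alternative: resolve both paths, then make sure the
// relative path from the root to the file never climbs out of the root.
function containedCheck(root, uri) {
  const base = path.resolve(root);
  const filename = path.resolve(base, '.' + uri);
  const rel = path.relative(base, filename);
  const escapes = rel === '..' || rel.startsWith('..' + path.sep) || path.isAbsolute(rel);
  return { filename, allowed: rel !== '' && !escapes };
}

function report() {
  const rows = [];
  for (const root of [DIRNAME + '/certs', DIRNAME + '\\certs']) {
    rows.push({
      root,
      prefix: prefixCheck(root, CHALLENGE).allowed,
      contained: containedCheck(root, CHALLENGE).allowed,
    });
  }
  // A traversal attempt must still be refused by the separator-independent check.
  rows.push({
    root: DIRNAME + '/certs (uri /../../secret)',
    prefix: prefixCheck(DIRNAME + '/certs', '/../../secret').allowed,
    contained: containedCheck(DIRNAME + '/certs', '/../../secret').allowed,
  });
  return rows;
}

console.table(report());
```

With the `/certs` spelling the joined filename contains only backslashes, so it no longer starts with the configured string and the prefix test refuses a legitimate challenge file; the `\\certs` spelling matches.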