redbird
Let's Encrypt configuration on a port other than 80 is not working
The snippet below works for Let's Encrypt challenges when the proxy listens on port 80, but fails when it listens on another port, for example 180.
// Reproduction from the report: a redbird reverse proxy with Let's Encrypt
// enabled whose public HTTP listener is not on port 80.
const Redbird = require('redbird');

const proxy = new Redbird({
  // Public HTTP listener. NOTE(review): the challenge URL in the error output
  // reported with this snippet carries no port
  // (http://<domain>/.well-known/acme-challenge/...), so the CA connects to
  // port 80; a listener on 180 only sees that request if port 80 is forwarded
  // to it.
  port: 180,
  letsencrypt: {
    path: "certs", // presumably the directory where certificate files are kept
    port: 3231, // local port of the minimalist challenge server (a port, not a path)
  },
  ssl: {
    port: 1443, // HTTPS listener, also on a non-default port
    http2: false,
  },
});

// Per-route options: ask Let's Encrypt for a certificate for this host name.
const routeOptions = {
  ssl: {
    letsencrypt: {
      email: '[email protected]', // contact address; appears redacted on this page
      // false keeps requests on the staging CA (the log shows
      // acme-staging.api.letsencrypt.org).
      // WARNING: switch to production only once the proxy is verified to work
      // correctly, to avoid being banned.
      production: false,
    },
  },
};

proxy.register("workflow.guestmate.org", "http://localhost:8081", routeOptions);
{"name":"redbird","hostname":"Zity1","pid":14374,"level":30,"msg":"Getting Lets Encrypt certificates for workflow.guestmate.org","time":"2018-07-10T10:32:16.280Z","v":0}
le.challenges[http-01].loopback should be defined as function (opts, domain, token, keyAuthorization, cb) { ... } and should prove (by external means) that the ACME server challenge 'http-01' will succeed
le.challenges[tls-sni-01].loopback should be defined as function (opts, domain, token, keyAuthorization, cb) { ... } and should prove (by external means) that the ACME server challenge 'tls-sni-01' will succeed
{"0":false,"1":"created middleware","name":"redbird","hostname":"Zity1","pid":14374,"level":30,"msg":"Lets encrypt debugger","time":"2018-07-10T10:32:16.671Z","v":0}
{"name":"redbird","hostname":"Zity1","pid":14374,"level":30,"from":{"protocol":"http:","slashes":true,"auth":null,"host":"workflow.guestmate.org","port":null,"hostname":"workflow.guestmate.org","hash":null,"search":null,"query":null,"pathname":"/","path":"/","href":"http://workflow.guestmate.org/"},"to":{"protocol":"http:","slashes":true,"auth":null,"host":"127.0.0.1:3081","port":"3081","hostname":"127.0.0.1","hash":null,"search":null,"query":null,"pathname":"/","path":"/","href":"http://127.0.0.1:3081/","sslRedirect":true,"useTargetHostHeader":false},"msg":"Registered a new route","time":"2018-07-10T10:32:16.687Z","v":0}
{"1":"checkAsync failed to find certificates","name":"redbird","hostname":"Zity1","pid":14374,"level":30,"msg":"Lets encrypt debugger","time":"2018-07-10T10:32:16.730Z","v":0}
{"name":"redbird","hostname":"Zity1","pid":14374,"level":30,"msg":"Manually registering certificate for workflow.guestmate.org","time":"2018-07-10T10:32:16.731Z","v":0}
{"0":false,"1":"checkAsync failed to find certificates","name":"redbird","hostname":"Zity1","pid":14374,"level":30,"msg":"Lets encrypt debugger","time":"2018-07-10T10:32:16.736Z","v":0}
deprecation notice: new signature for signJws(keypair, header, protect, payload)
deprecation notice: new signature for signJws(keypair, header, protect, payload)
{"0":false,"1":"calling le.acme.getCertificateAsync","2":["workflow.guestmate.org"],"name":"redbird","hostname":"Zity1","pid":14374,"level":30,"msg":"Lets encrypt debugger","time":"2018-07-10T10:32:17.955Z","v":0}
deprecation notice: new signature for signJws(keypair, header, protect, payload)
{"0":false,"1":"setChallenge called for 'workflow.guestmate.org'","name":"redbird","hostname":"Zity1","pid":14374,"level":30,"msg":"Lets encrypt debugger","time":"2018-07-10T10:32:18.336Z","v":0}
deprecation notice: new signature for signJws(keypair, header, protect, payload)
{"0":false,"1":"removeChallenge called for 'workflow.guestmate.org'","name":"redbird","hostname":"Zity1","pid":14374,"level":30,"msg":"Lets encrypt debugger","time":"2018-07-10T10:32:19.718Z","v":0}
{"name":"redbird","hostname":"Zity1","pid":14374,"level":50,"err":{"message":"The CA was unable to validate the file you provisioned. \n - https://acme-staging.api.letsencrypt.org/acme/challenge/iTFvgi89yLxY6IwjeX0UCS7fxCm2l7BRYGXQMQrPmIA/146626430 [invalid]\n - https://acme-staging.api.letsencrypt.org/acme/challenge/iTFvgi89yLxY6IwjeX0UCS7fxCm2l7BRYGXQMQrPmIA/146626431 [invalid]\n - https://acme-staging.api.letsencrypt.org/acme/challenge/iTFvgi89yLxY6IwjeX0UCS7fxCm2l7BRYGXQMQrPmIA/146626432 [invalid]\n Invalid response from http://workflow.guestmate.org/.well-known/acme-challenge/mQ2BgONRNEDQuy3lgxVOwhtdQMDv6q1XPwTEaXW6_vM [104.222.96.51]: 404","name":"Error","stack":"Error: The CA was unable to validate the file you provisioned. \n - https://acme-staging.api.letsencrypt.org/acme/challenge/iTFvgi89yLxY6IwjeX0UCS7fxCm2l7BRYGXQMQrPmIA/146626430 [invalid]\n - https://acme-staging.api.letsencrypt.org/acme/challenge/iTFvgi89yLxY6IwjeX0UCS7fxCm2l7BRYGXQMQrPmIA/146626431 [invalid]\n - https://acme-staging.api.letsencrypt.org/acme/challenge/iTFvgi89yLxY6IwjeX0UCS7fxCm2l7BRYGXQMQrPmIA/146626432 [invalid]\n Invalid response from http://workflow.guestmate.org/.well-known/acme-challenge/mQ2BgONRNEDQuy3lgxVOwhtdQMDv6q1XPwTEaXW6_vM [104.222.96.51]: 404\n at handleErr (/home/cititrip/zitytripDomainrouter/node_modules/le-acme-core/lib/get-certificate.js:351:17)\n at ensureValidation (/home/cititrip/zitytripDomainrouter/node_modules/le-acme-core/lib/get-certificate.js:226:16)\n at Request._callback (/home/cititrip/zitytripDomainrouter/node_modules/le-acme-core/lib/get-certificate.js:208:13)\n at Request.self.callback (/home/cititrip/zitytripDomainrouter/node_modules/request/request.js:186:22)\n at emitTwo (events.js:126:13)\n at Request.emit (events.js:214:7)\n at Request.<anonymous> (/home/cititrip/zitytripDomainrouter/node_modules/request/request.js:1163:10)\n at emitOne (events.js:116:13)\n at Request.emit (events.js:211:7)\n at IncomingMessage.<anonymous> 
(/home/cititrip/zitytripDomainrouter/node_modules/request/request.js:1085:12)\n at Object.onceWrapper (events.js:313:30)\n at emitNone (events.js:111:20)\n at IncomingMessage.emit (events.js:208:7)\n at endReadableNT (_stream_readable.js:1064:12)\n at _combinedTickCallback (internal/process/next_tick.js:138:11)\n at process._tickCallback (internal/process/next_tick.js:180:9)"},"msg":"Error registering LetsEncrypt certificates","time":"2018-07-10T10:32:19.722Z","v":0}
{"name":"redbird","hostname":"Zity1","pid":14374,"level":30,"msg":"Could not get any certs for workflow.guestmate.org","time":"2018-07-10T10:32:19.724Z","v":0}
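Let's Encrypt only works on port 80, so that's a given: the challenge file is requested from the domain over plain HTTP on port 80, as the challenge URL in the error above shows.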
In fact it does not even work there...
Trying to set it up like so:
// Second reproduction: the proxy listens on the default ports (80 and 443) and
// requests a staging certificate for a placeholder host name.
const createProxy = require('redbird');

const proxy = createProxy({
  port: 80, // public HTTP listener; challenge requests arrive here
  letsencrypt: {
    path: "certs", // presumably the directory where certificate files are kept
    port: 3000, // local port of the minimal challenge server
  },
  ssl: {
    port: 443,
  },
});

// NOTE(review): validation proves control of the host name, so it can only
// succeed when DNS for that name points at this proxy. The 404 HTML page in the
// error output reported with this snippet looks like another server's answer,
// not this proxy's.
const routeOptions = {
  ssl: {
    letsencrypt: {
      email: "myemail", // placeholder, not a real address
      production: false, // stay on the staging CA while testing
    },
  },
};

proxy.register("www.example1.com", "http://localhost:4000", routeOptions);
All required ports (80, 3000) open on the machine. Result:
{"level":50,"time":1584348646276,"pid":17106,"hostname":"myhostnam","name":"redbird","code":"E_FAIL_DRY_CHALLENGE","msg":"Error registering LetsEncrypt certificates","stack":"Error: Error: Failed HTTP-01 Pre-Flight / Dry Run.\ncurl 'http://www.example1.com/.well-known/acme-challenge/test-11b20db3b14e697c64659191ab4b1d2c-0'\nExpected: 'test-11b20db3b14e697c64659191ab4b1d2c-0.vf_frPRC_B1SSKls4UADgdlSW0DwBbP92WcWfH0KOh0'\nGot: '<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n<html><head>\n<title>404 Not Found</title>\n</head><body>\n<h1>Not Found</h1>\n<p>The requested URL was not found on this server.</p>\n<p>Additionally, a 404 Not Found\nerror was encountered while trying to use an ErrorDocument to handle the request.</p>\n</body></html>\n'\nSee https://git.coolaj86.com/coolaj86/acme-v2.js/issues/4\n at /Users/decades/Documents/Node/test/node_modules/acme-v2/index.js:49:10\n at process._tickCallback (internal/process/next_tick.js:68:7)","type":"Error","v":1}
{"level":30,"time":1584348646276,"pid":17106,"hostname":"myhostname","name":"redbird","msg":"Could not get any certs for www.example1.com","v":1}
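How could it work? Do you control the example.com domain? Let's Encrypt issues a certificate only after the challenge proves that the requester controls the domain, so the name has to resolve to the machine running the proxy.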
No, of course not. Maybe I didn’t understand the whole thing and what Let's Encrypt is all about. Forget about