redbird icon indicating copy to clipboard operation
redbird copied to clipboard
verified publisher icon OptimalBits

Forbidden Request on LetsEncrypt port

Open kvizdos opened this issue 6 years ago • 7 comments

Hello all!

I've been setting up a big reverse proxy for the past day and I've gotten stuck. Whenever I try and setup SSL I get an error log saying: {"name":"redbird","hostname":"{host}","pid":11420,"level":30,"msg":"Forbidden request on LetsEncrypt port 3000: E:\\Kenton Vizdos\\Documents\\HOME Router\\proxy\\certs\\{domain}\\.well-known\\acme-challenge\\test-1227b1a1905f45cddb66b45042a74963-0","time":"2019-08-08T21:06:02.246Z","v":0} and then Error: Error: Failed HTTP-01 Pre-Flight / Dry Run. curl 'http://{domain}/.well-known/acme-challenge/test-1227b1a1905f45cddb66b45042a74963-0' Expected: 'test-1227b1a1905f45cddb66b45042a74963-0.0SLBPsgiRroA3wEiUDUrJuauxGeFgOwl2x-S7gnM_tI' Got: ''

I also get 403'd whenever I try and see the page.. I just don't get why it would block the verification system? Currently on Node v10.12.0

My current code says this:

`proxy.register("home.{domain}.com", "127.0.0.1:" + _CONF.ports.dashboard, { ssl: { letsencrypt: { email: '[email protected]', // Domain owner/admin email production: false, // WARNING: Only use this flag when the proxy is verified to work correctly to avoid being banned! } }

});

and the initial requiring of Redbird is:

var proxy = require('redbird')({port: _CONF.ports.proxy, secure: true, ssl: { http2: true, port: 443 }, letsencrypt: { path: __dirname + "/certs", }}); *I've also tried setting the port under letsencrypt to something else and it does nothing! Does the port that this calls need to be open??

Any tips would be great!

kvizdos avatar Aug 08 '19 21:08 kvizdos

Bump? I still have yet to find any solutions :( This is the last real feature I need before I can push my project to production on my server, so any help would be greatly appreciated 😭

kvizdos avatar Aug 25 '19 22:08 kvizdos

Have you tested your code with a real domain name?

Looks like you want to do a letsencrypt with a domain name of home.{domain}.com I don't think this will work. It's not a valid domain name.

Test it with a proper domain name, and your public IP, not your localhost ip.

inspiretk avatar Sep 11 '19 23:09 inspiretk

Sadly I've tested it with a public IP and real domain name.. everything seems to work now, but it's not saving any certs, no errors (that I can see) either. Very odd??

kvizdos avatar Sep 13 '19 01:09 kvizdos

Have you opened your ports? Maybe you've closed all your ports?

inspiretk avatar Sep 15 '19 06:09 inspiretk

I've have port 80 and 443 open (and tested). Do I need to open any others?

kvizdos avatar Sep 15 '19 11:09 kvizdos

Your error message says this Forbidden request on LetsEncrypt port 3000:

Maybe open por 3000 and see what happens.

To be honest, I havn't used this script yet, but will test it one day when I do my deployment.

inspiretk avatar Sep 16 '19 03:09 inspiretk

change this: path: __dirname + "/certs", to: path: __dirname + "\\certs",

it's will work on windows machine

byrizki avatar Feb 11 '21 16:02 byrizki