Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
Z
Z
ZoomLS2016-01-10 06:40:14
Nginx
ZoomLS, 2016-01-10 06:40:14

How to pass Let's Encrypt verification or serve file with nginx using nodejs?

I'm trying to get a certificate from Let's Encrypt, but the verification fails.

./letsencrypt-auto certonly --webroot -w /home/user/www/domane.ru/  -d domain.ru

The fact is that nginx is used as a proxy to the node.js application:
server {
    listen 80;
    listen [::]:80;

    server_name domane.ru;

 location  / {

        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-NginX-Proxy true;
        proxy_pass http://127.0.0.1:4567/;
        proxy_redirect off;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";

    }

Tried adding things like this to the config:
root /home/user/www/domane.ru;

location ~ /.well-known/acme-challenge/(.*)
    {
            default_type "text/plain";
            root /home/user/www/domane.ru;
    }

Nothing helps. Node.js app returns 404
. Let's Encrypt creates /.well-known /.well-known directory in /home/user/www/domane.ru/, where it puts the file for verification. But this file is not given.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
P
pomeo, 2016-01-10
@ZoomLS

I do so
it can be put in cron at once. Only if you have many domains, keep in mind that they have limits. And the limits are quite small.

letsencrypt.conf 
location /.well-known/acme-challenge {
    root /home/ubuntu/.lets;
}

/etc/nginx/sites-enabled/domain.com 
server {
        listen 80;
        server_name domain.com;
        include letsencrypt.conf;
        include redirect.conf;
}

Here immediately redirect to 443
redirect.conf 
if ($host ~* ^www\.(.*)$) {
  return 301 https://$1$request_uri;
}
return 301 https://$host$request_uri;

Those. I have a global folder /home/ubuntu/.lets for all domains, it creates a file there, checks for its existence and deletes it. Therefore, I see no reason to create a separate folder for each domain.
Node.js is not involved in any way here, here is the config with the node, which also has the lets encrypt check connected
server {
        listen 443 ssl http2;
        server_name domain.com;

        ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;

        include sslplus.conf;

        location / {
                include nodejs.conf;
                proxy_pass http://10.3.100.1:3000/;
        }
        include letsencrypt.conf;
}

Similar questions
A
Abc Edc2015-04-07 20:48:01
How to make image stretching with scaling? 3Reply
E
Eduard Lisetskiy2020-06-04 11:05:44
Why is Nginx limit_rate not working? 0Reply
J
Julia Kovalenko2018-05-11 15:21:30
Nginx 429 error code? 3Reply
M
master2909882020-06-04 15:45:51
Text compression is enabled on the server, but Pagespeed still says enable GZIP, what could be the matter? 0Reply
R
Rasul_qa2018-05-16 15:56:42
How to properly install and configure falcon? 3Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question