I have followed the instructions here: https://github.com/dmathieu/sabayon
to set up a Let's Encrypt certificate on my app hosted on a Heroku Free Dyno.
(I know that there exists automated Let's Encrypt for Hobby/Professional Dynos, mine is Free, so apparently there isn’t any).
When I run the sabayon bin:
heroku run sabayon --force -a letsencrypt-my-app
Running sabayon --force on letsencrypt-my-app... up, run.7885 (Free)
2017/05/20 08:48:40 cert.create email='my.email@gmail.com' domains='[sub.domain.com]'
2017/05/20 08:48:41 [INFO] acme: Registering account for my.email@gmail.com
2017/05/20 08:48:42 [INFO][sub.domain.com] acme: Obtaining bundled SAN certificate
2017/05/20 08:48:42 [INFO][sub.domain.com] AuthURL: https://acme-v01.api.letsencrypt.org/acme/authz/cvxiCsiKfUSjdC_con7p74PMQs9twlzAOoLVYtW7b4U
2017/05/20 08:48:42 [INFO][sub.domain.com] acme: Could not find solver for: tls-sni-01
2017/05/20 08:48:42 [INFO][sub.domain.com] acme: Trying to solve HTTP-01
2017/05/20 08:48:42 cert.validate
2017/05/20 08:49:02 cert.validated
2017/05/20 08:49:04 acme: Error 403 - urn:acme:error:unauthorized - Invalid response from http://sub.domain.com/.well-known/acme-challenge/od3DwBk61Xz7LKMQD-kJNs_KUH4O3ZaBCrthYyh_1Os: "<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Error</title>
</head>
<body>
<pre>Not Found</pre>
</body>
"
Error Detail:
Validation for sub.domain.com:80
Resolved to:
54.228.XXX.50
176.34.WWW.161
54.247.EE.70
54.247.DD.150
176.34.FFF.230
54.228.VVV.113
54.217.BBB.80
46.137.RRR.231
Used: 54.228.XXX.50
I have also included this route in my app:
app.get('/.well-known/acme-challenge/:acmeToken', function(req, res, next) {
  var acmeToken = req.params.acmeToken;
  var acmeKey;

  // Single challenge: ACME_TOKEN / ACME_KEY
  if (process.env.ACME_KEY && process.env.ACME_TOKEN) {
    if (acmeToken === process.env.ACME_TOKEN) {
      acmeKey = process.env.ACME_KEY;
    }
  }

  // Multiple challenges: ACME_TOKEN_<n> / ACME_KEY_<n>
  for (var key in process.env) {
    if (key.startsWith('ACME_TOKEN_')) {
      var num = key.split('ACME_TOKEN_')[1];
      if (acmeToken === process.env['ACME_TOKEN_' + num]) {
        acmeKey = process.env['ACME_KEY_' + num];
      }
    }
  }

  // Unknown token: empty 404
  if (acmeKey) res.send(acmeKey);
  else res.status(404).send();
});
I don’t know how I can make sure that this route is accessible or not.
Could somebody help me understand what I am missing here? Thanks.
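
One way to check whether the route is reachable, as an added example that is not part of the original post or of sabayon: the same token lookup as a plain function, plus a classifier for what a request to the challenge URL returned. The function names (`findAcmeKey`, `diagnose`, `checkLive`) are hypothetical and the sample tokens and keys are constructed.

```javascript
// Added example; function names are hypothetical, env var names follow the route above.

// Same lookup as the route: the single ACME_TOKEN/ACME_KEY pair, then numbered pairs.
function findAcmeKey(env, token) {
  if (env.ACME_TOKEN && env.ACME_KEY && token === env.ACME_TOKEN) return env.ACME_KEY;
  for (const name of Object.keys(env)) {
    if (!name.startsWith('ACME_TOKEN_')) continue;
    const key = env['ACME_KEY_' + name.slice('ACME_TOKEN_'.length)];
    if (token === env[name] && key) return key;
  }
  return null;
}

// Classify a challenge response (status, body) against the key expected for the token.
function diagnose(env, token, status, body) {
  const expected = findAcmeKey(env, token);
  if (expected === null) return 'token-not-in-env';
  // HTTP-01 passes when the body is the key authorization (trailing whitespace ignored).
  if (status === 200 && body.trimEnd() === expected) return 'ok';
  // The route above answers an unknown token with an empty 404 ...
  if (status === 404 && body === '') return 'route-reached-token-unset';
  // ... and never sends HTML, so a page like the one in the log came from elsewhere.
  if (/<!doctype|<html/i.test(body)) return 'not-from-this-route';
  return 'wrong-body';
}

// Optional live check against your own domain (Node 18+ global fetch); not called here.
async function checkLive(domain, token, env) {
  const res = await fetch('http://' + domain + '/.well-known/acme-challenge/' + token);
  return diagnose(env, token, res.status, await res.text());
}

// Constructed sample values, not real challenge data.
const sampleEnv = {
  ACME_TOKEN_1: 'tokenA', ACME_KEY_1: 'tokenA.thumbprintA',
  ACME_TOKEN_2: 'tokenB', ACME_KEY_2: 'tokenB.thumbprintB',
};
const htmlError = '<!DOCTYPE html>\n<html lang="en"><body><pre>Not Found</pre></body></html>';

console.log(diagnose(sampleEnv, 'tokenB', 200, 'tokenB.thumbprintB\n')); // ok
console.log(diagnose(sampleEnv, 'tokenB', 404, htmlError));              // not-from-this-route
console.log(diagnose(sampleEnv, 'tokenB', 404, ''));                     // route-reached-token-unset
```

To run `checkLive` against the deployed app, pass it the same token and key values that are set as config vars on the app serving the domain.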