My domain is: api.cyyann.com
Problem: I created a Node.js Elastic Beanstalk server on AWS with the deafult Node.js application template. I tried as much solutions as i find on the internet to install the certificate but I always got an error like this.
command i tried to run:
- sudo /usr/local/bin/certbot-auto --nginx
With Elastic Beanstalk, you are going to have to make some careful customizations to match the exact proxy environment that AWS has created for you: https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/nodejs-platform-proxy.html
Certbot isn’t able to understand how Elastic Beanstalk is setup on its own.
For instance, if the default nginx listening port is 8080 (as in that above article), you may have to run Certbot with:
If that’s not it, then please provide the full output of the following command:
Thank you, Now I receive a different error
Traceback (most recent call last):
File “/opt/eff.org/certbot/venv/bin/letsencrypt”, line 11, in
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py”, line 1378, in main
return config.func(config, plugins)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py”, line 1140, in run
_install_cert(config, le_client, domains, new_lineage)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py”, line 764, in _install_cert
path_provider.cert_path, path_provider.chain_path, path_provider.fullchain_path)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/client.py”, line 507, in deploy_certificate
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_nginx/configurator.py”, line 202, in deploy_cert
vhosts = self.choose_vhosts(domain, create_if_no_match=True)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_nginx/configurator.py”, line 311, in choose_vhosts
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_nginx/configurator.py”, line 359, in _vhost_from_duplicated_default
default_vhost = self._get_default_vhost(domain, allow_port_mismatch, port)
File “/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_nginx/configurator.py”, line 397, in _get_default_vhost
" block for %s. Set the
server_name directive to use the Nginx installer." % domain)
MisconfigurationError: Could not automatically find a matching server block for api.cyyann.com. Set the
server_name directive to use the Nginx installer.
Please see the logfiles in /var/log/letsencrypt for more details.
- Unable to install the certificate
- Congratulations! Your certificate and chain have been saved at:
Your key file has been saved at:
Your cert will expire on 2019-11-16. To obtain a new or tweaked
version of this certificate in the future, simply run certbot-auto
again with the “certonly” option. To non-interactively renew all
of your certificates, run “certbot-auto renew”
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
You’re probably better off following the AWS documentation for configuring HTTPS on Elastic Beanstalk: https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/https-singleinstance-nodejs.html
Whilst you could potentially fix the above error by adding a
server_name in your nginx config, the changes (and also your certificates) are going to be wiped out every time your app is re-deployed.
The correct way to do what you are trying to do is to use Elastic Beanstalk with an AWS load balancer and a free certificate from AWS ACM, deployed to the load balaner.
Certbot wasn’t built to be used in temporary, horizontally-scaled environments like Elastic Beanstalk.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.