Certbot SSL returning my page instead of token

Help
#1

My domain is: http://onthelanes.xyz

I ran this command: sudo certbot

It produced this output:
Which names would you like to activate HTTPS for?

1: onthelanes.xyz
2: www.onthelanes.xyz

Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):
Requesting a certificate for onthelanes.xyz and www.onthelanes.xyz
Performing the following challenges:
http-01 challenge for onthelanes.xyz
http-01 challenge for www.onthelanes.xyz
Waiting for verification...
Challenge failed for domain onthelanes.xyz
Challenge failed for domain www.onthelanes.xyz
http-01 challenge for onthelanes.xyz
http-01 challenge for www.onthelanes.xyz
Cleaning up challenges
Some challenges have failed.

IMPORTANT NOTES:

  • The following errors were reported by the server:

    Domain: onthelanes.xyz
    Type: unauthorized
    Detail: 54.67.47.15: Invalid response from
    On the Lanes
    "<!doctype html><html lang="en"><meta
    charset="utf-8"/><link rel="icon" href="/logo.png"/><meta
    name="viewport" content="wi"

    Domain: www.onthelanes.xyz
    Type: unauthorized
    Detail: 54.67.47.15: Invalid response from
    On the Lanes
    "<!doctype html><html lang="en"><meta
    charset="utf-8"/><link rel="icon" href="/logo.png"/><meta
    name="viewport" content="wi"

    To fix these errors, please make sure that your domain name was
    entered correctly and the DNS A/AAAA record(s) for that domain
    contain(s) the right IP address.

I'm pretty confident the HTML shown in the response is my page, it matches the top of the HTML file in my project.

My web server is (include version): node v16.16.0

The operating system my web server runs on is (include version): Amazon Linux 2

My hosting provider, if applicable, is: AWS

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Certbot 1.11.0

Thanks so much for reading!

#2

Welcome to the community @NickGreenSf

Yes, your server does not correctly reply to the Let's Encrypt server. The LE server makes an http request to you to confirm you control that domain. Your server is supposed to respond with the contents of the file that certbot placed there. But, instead, your server replies with a page saying that javascript is required. See the below sample request

I do not know node so cannot provide specifics on how to correct that. Hopefully you know now that you see the problem.

curl -i http://onthelanes.xyz/.well-known/acme-challenge/ChallengeTest123

HTTP/1.1 200 OK
Content-Length: 626
Content-Disposition: inline; filename="index.html"
Date: Sat, 30 Jul 2022 00:45:10 GMT
(other headers omitted)

<!doctype html><html lang="en"><head><meta charset="utf-8"/>
<link rel="icon" href="/logo.png"/><meta name="viewport" content="width=device-width,initial-scale=1"/>
<meta name="theme-color" content="#000000"/>
<meta name="description" content="Blog about bowling games"/>
<link rel="apple-touch-icon" href="/logo.png"/><link rel="manifest" href="/manifest.json"/>
<title>On the Lanes</title>
<script defer="defer" src="/static/js/main.be6a782b.js"></script>
<link href="/static/css/main.7be15d6f.css" rel="stylesheet"></head>
<body><noscript>You need to enable JavaScript to run this app.</noscript>
<div id="root"></div></body></html>
3 Likes
#3

Yeah, that's the main HTML file generated by Create-React-App, alright. Thanks for looking at it.

2 Likes