Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for motivatincentivos.com
tls-sni-01 challenge for www.motivatincentivos.com
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. www.motivatincentivos.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Timeout, motivatincentivos.com (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Timeout
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you’re using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
ubuntu@ip-10-0-0-131:~/proyectosNode/Motivathttps01$
====================
My web server is (include version):
I have no web server installed. The web server is part of my Node app.
My app listens for protocol HTTP + IP server + port 3000. Example: http://xxx.xxx.xxx:3000
Godaddy is my domain provider.
The operating system my web server runs on is (include version):
Linux Ubuntu 16.04.2 LTS
My hosting provider, if applicable, is:
VPS and EC2 - Amazon AWS
I can login to a root shell on my machine (yes or no, or I don’t know):
Login with a user with administrator capabilities.
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
I am using PuTTY from Windows 7
An SSH connection with an IP and a key
You likely need to update your AWS security group (and possibly server firewall) to allow inbound connections on port 80/443 for Let’s Encrypt to connect. The tls-sni-01 challenge uses port 443, and with the standalone plugin Certbot will start its own temporary server to service the necessary requests.
Will start a web server on port 443 to serve the challenge and validate your domains, so Let’s Encrypt will try to connect directly to motivatincentivos.com on port 443, but right now the web server is a Microsoft IIS that is serving a page with a frame loading your content from another IP on port 3000.
I’m sorry but I do not understand what I should do.
I understand that port 443 is available for the https protocol and just for that I need the certificates.
At the moment the app runs listening on port 3000 because that is how I have it programmed inside the server of the Node.js app.
As I said, your domain motivatincentivos.com points to IP 50.63.202.18 and the content on port 80 is being served by the web server Microsoft IIS. The only content that is served is an HTML page with an iframe pointing to your AWS server 34.227.63.247 on port 3000.
When you run certbot using standalone, it will start a web server on port 443 to serve the challenge to validate your domain. And this web server is available on your AWS server (34.227.63.247) but there is no way to reach it on port 443 using your domain name because it points to another server (50.63.202.18) and this server is not redirecting the requests to your real server.
I don’t know how you need/want to implement your site, and I don’t know the reason to use a frame “redirection” for your domain, but the fast way to solve your issue is to change the DNS A record for your domain motivatincentivos.com and point it to your real server 34.227.63.247 instead of 50.63.202.18.
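The mismatch described in the last reply can be checked before requesting a certificate. The script below is an added example, not part of the original thread: it compares each domain's A records with the IP of the server where the standalone challenge will be served. The function names `resolve_a` and `check_domain` are hypothetical, and it assumes `dig` is installed.

```bash
#!/usr/bin/env bash
# Added example: pre-flight DNS check before running Certbot in standalone mode.
# The validation server connects to whatever IP the domain's A record names,
# so that IP must be the machine where the temporary challenge server runs.

# Print the A records of a name, one IPv4 address per line (assumes dig).
resolve_a() {
    dig +short A "$1" | grep -E '^[0-9]+(\.[0-9]+){3}$'
}

# check_domain DOMAIN SERVER_IP
# Returns 0 when every A record equals SERVER_IP,
#         1 when at least one A record points somewhere else,
#         2 when the name has no A record at all.
check_domain() {
    local domain=$1
    local server_ip=$2
    local ips ip
    local status=0
    ips=$(resolve_a "$domain") || true
    if [ -z "$ips" ]; then
        echo "$domain: no A record found"
        return 2
    fi
    for ip in $ips; do
        if [ "$ip" != "$server_ip" ]; then
            echo "$domain: A record $ip is not this server ($server_ip)"
            status=1
        fi
    done
    [ "$status" -eq 0 ] && echo "$domain: A record matches $server_ip"
    return "$status"
}

# Usage: ./preflight.sh SERVER_IP DOMAIN [DOMAIN...]
if [ "$#" -ge 2 ]; then
    server_ip=$1
    shift
    rc=0
    for d in "$@"; do
        check_domain "$d" "$server_ip" || rc=1
    done
    exit "$rc"
fi
```

With the addresses quoted in the thread, the check reports a mismatch for motivatincentivos.com until its A record is changed to 34.227.63.247; inbound port 443 in the security group still has to be open separately.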