Need help installing first cert

Hi I need help getting my first cert installed. I'm using Ubuntu 18.04 and Nginx via AWS. I did the following:

My domain is: www.ash-renee.xyz

I ran this command: sudo certbot --nginx -v

It produced this output:
"challenge failed for domain www.ash-renee.xyz
http-01 challenge for www.ash-renee.xyz
certbot failed to authenticate some domains (authenticator: nginx)
The CA reported these problems:
domain type unathorized
Detail: Invalid response from Ashley D'Allessandro [184.168.131.241]: "\n\n\n\n Ashley D&#"

My web server is (include version): Ubuntu 18.04

The operating system my web server runs on is (include version): (not sure what is being asked here)

My hosting provider, if applicable, is: The IP is on AWS, and the domain is on GoDaddy

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Certbot 1.16.0

The website can be accessed fine on the internet right now. All the things I do as far as server maintenance, etc I'm doing from the command line via GitBash, there is no "control panel", etc

Thanks in advance

1 Like

Your site seems to be embedded into a <frameset> in the initial HTML page, hosted by GoDaddy, with the source pointing to 3.141.15.128, an Amazon IP address. I.e., when requesting such a challenge file, the result would be not the actual challenge file, but an HTML file with:

<frameset rows="100%,*" border="0">
  <frame src="http://3.141.15.128/.well-known/acme-challenge/5feV5cJNn1eRO8HpxvFFzBixp5ZrhqYaV4qGgAy5uok" frameborder="0" />
</frameset>

This is not something the Let's Encrypt validation server understands nor will ever accept.

3 Likes

Ok, so what changes would you recommend to address this issue and get my cert?

1 Like

Don't use such "redirect" features with ugly framesets. You should probably let GoDaddy, responsible for the ugly frameset HTML, only do the DNS part and let Amazon do all of the hosting.

3 Likes

No need to be rude about this

1 Like

Not trying to be rude, my apologies if it came across as such. Just thought it was funny, haven't seen <framesets> in a while :wink:

2 Likes

I appreciate the apology. I just graduated a coding bootcamp so if you have references on what you are saying so I can improve myself I'd appreciate it

1 Like

I thought it was humerus.
You could just hang a plain old HTML file with almost nothing in it for the purpose of obtaining your cert initially. (Nice looking site BTW)
But what happens at renewal time?

2 Likes

But yea, based on what I know of the setup, that is how I have it. GoDaddy only has my Domain/DNS redirect and it's all on AWS

1 Like

I think I see what you are saying in the HTML

1 Like

That's the issue here: I believe the "redirect" GoDaddy has set up, is:

a) not necessary;
b) preventing you from getting a certificate.

GoDaddy should only do the DNS stuff and through DNS point your domain name to AWS. Currently, your DNS says this:

osiris@erazer ~ $ host www.ash-renee.xyz
www.ash-renee.xyz is an alias for ash-renee.xyz.
ash-renee.xyz has address 184.168.131.241
osiris@erazer ~ $ 

The "alias" bit is fine (a CNAME). However, the second part, the 184.168.131.241 IP address, is a GoDaddy address. But usually, the IP address there is the address of the server hosting the actual site, in this case 3.141.15.128, from AWS, where your site is hosted. I.e., it should say:

osiris@erazer ~ $ host www.ash-renee.xyz
www.ash-renee.xyz is an alias for ash-renee.xyz.
ash-renee.xyz has address 3.141.15.128
osiris@erazer ~ $ 

It's probably possible to disable this HTML based redirect in your GoDaddy control panel. It should also be possible through the GoDaddy DNS zone editor to change the IP address to the AWS address.

3 Likes
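
An added example, not written by anyone in this thread: a Python pre-flight check for the two symptoms diagnosed above, namely a DNS A record that does not point at the server running certbot and a challenge path that returns a frameset page instead of the file's plain content. The function names, the probe file name and its content are assumptions made for illustration; the addresses and frameset markup are the ones quoted in the thread.

```python
import re
import socket
import urllib.request

FRAME_RE = re.compile(r"<\s*(frameset|frame|iframe)\b", re.I)

def check_dns(resolved_ips, server_ip):
    """True only if every address the name resolves to is the certbot server."""
    return bool(resolved_ips) and all(ip == server_ip for ip in resolved_ips)

def classify_body(body, expected):
    """Classify the response for a probe file under /.well-known/acme-challenge/."""
    if body.strip() == expected:
        return "ok"
    if FRAME_RE.search(body):
        return "framed"   # forwarding-with-masking page wrapping the real site
    if re.search(r"<\s*(!doctype|html)\b", body, re.I):
        return "html"     # some other web page answered the request
    return "mismatch"

def diagnose(resolved_ips, server_ip, body, expected):
    """Return a list of human-readable findings; an empty list means both checks pass."""
    findings = []
    if not check_dns(resolved_ips, server_ip):
        findings.append(f"DNS points to {sorted(resolved_ips)}, not {server_ip}")
    kind = classify_body(body, expected)
    if kind != "ok":
        findings.append(f"challenge path returned: {kind}")
    return findings

def live_inputs(domain, probe_name):
    """Gather real inputs (IPv4 only; AAAA records are not checked here)."""
    infos = socket.getaddrinfo(domain, 80, socket.AF_INET, socket.SOCK_STREAM)
    ips = {info[4][0] for info in infos}
    url = f"http://{domain}/.well-known/acme-challenge/{probe_name}"
    with urllib.request.urlopen(url, timeout=10) as resp:
        body = resp.read(4096).decode("utf-8", "replace")
    return ips, body

# Constructed sample, modelled on the frameset and addresses quoted in the thread.
FRAMED_BODY = '''<frameset rows="100%,*" border="0">
  <frame src="http://3.141.15.128/.well-known/acme-challenge/probe.txt" frameborder="0" />
</frameset>'''
PROBE = "probe-content-constructed"   # content of a hypothetical probe.txt

if __name__ == "__main__":
    print(diagnose({"184.168.131.241"}, "3.141.15.128", FRAMED_BODY, PROBE))
    print(diagnose({"3.141.15.128"}, "3.141.15.128", PROBE + "\n", PROBE))
```

To run it against a live site, place a file with known content in the webroot's `.well-known/acme-challenge/` directory and pass the results of `live_inputs()` to `diagnose()` before invoking certbot.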

Gotcha. I'll look into this. Thanks

4 Likes

Osiris, just wanted to follow up. I see what you are saying and it makes perfect sense. Just trying to figure out their control panel so I can make the proper edits

1 Like

That's something I can't help you with unfortunately, my GoDaddy experience is quite little and I want to keep it that way :stuck_out_tongue:

2 Likes

No no, it's all good. You've given me some fantastic info to work with. Just wanted to let you know. I know when I help others out I'm always sitting there wondering if the issue got solved so I like to give updates/feedback

4 Likes

Much appreciated! Indeed I'd like to hear if you manage to solve it :slight_smile:

4 Likes

I still see the name is using the same (old) IP.
It should be very simple and straightforward to change a DNS entry within GoDaddy.
Update it to:
3.141.15.128

Then ensure the nginx server is ready to serve via the requested domain name.
[you should also include the "www" within the vhost and cert]

3 Likes

Makes sense. Just trying to navigate their dashboard to adjust this. Thanks

2 Likes

Thanks @rg305 and @Osiris, it's finally fixed. So I had to remove my DNS forwarding and set it up in a different way to get rid of their ip and have mine be there. I have gotten my cert and verified it. So once again thank you all.

And if you have any tips/advice about my code, please let me know. I just graduated a boot camp and I'll take all the advice I can <3

4 Likes

If at all possible, avoid requiring JavaScript as the only way to use the site.

You need to enable JavaScript to run this app.
2 Likes