I have deployed my react app on firebase which comes with a pre-configured SSL certificate, but since I am making API calls to a node js server using HTTP and not HTTPS. Since I am accessing a non-secured content from within a secured site browser is blocking all my API calls.
The best and obvious choice is to load all resources via HTTPS to improve the security of my site which means generating a separate certificate signed by ‘Certificate Authority’ in this case LetsEncrypt for my node server, but I am having trouble achieving this.
Steps To Reproduce
- Installed Certbot
- Generate an SSL certificate with Certbot with the command
$ certbot certonly --manual
- Type your domain name
- Go through HTTP-01 challenge process
- Why do I need to provide my domain in step 3 if my domain is already secured with an SSL certificate? I mean this is a web server and would receive API requests via public IP why the need for the domain?
- For the HTTP-01 challenge process, Certbot will ask you to create a file with an auto-generated key in your web server document root, inside directories .well-known/acme-challenge/ and this file must contain the auth key, when I do this I am getting below error:
Some challenges have failed. To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
I would also be happy to receive other suggestions. Thanks for your time.