What steps should I follow to get HTTPS for facebook on my Express server?

miguelito · July 22, 2018, 5:45pm

Hello one or two months ago I asked for help on this site and several colleagues offered their time (@schoen, @ rg305, etc)
I was working with windows creating an application entirely with Node.js in which I intend to login from facebook.
Well, after trying it for days, I did not get it, so I decided to switch to Ubuntu.
I have created my application from scratch and reach the point of login with faceebock, which I am not allowed by its new HTTPS policy.
The application is running with Express and I have seen several things but I can not perform the complex operations.
I just want to tell me the steps to follow to get my url (michaelgram.test) through https.
I have to tell you that I am new to this topic, that’s why I was not able to get it with Windows, I hope to get it now.

I have searched other unsuccessful questions on this site. In my previous question they also show me certbot, but I do not find Ubuntu 18.04 from where I work.
I show you the code, the same as the previous time.
Sorry for the syntax, I must use the translator.
Thank you.

    let express = require('express');

let aws = require(‘aws-sdk’);
let multer = require(‘multer’);
let multerS3 = require(‘multer-s3’);
let ext = require(‘file-extension’);
let cookieParser = require(‘cookie-parser’);
let bodyParser = require(‘body-parser’);
let expressSession = require(‘express-session’);
let passport = require(‘passport’);
let michaelgram = require(‘michaelgram-client’);
let auth = require(’./auth’)
let config = require(’./config’);
let port = process.env.PORT || 5050;

let client = michaelgram.createClient(config.client);

let s3 = new aws.S3({
accessKeyId: config.aws.accessKey,
secretAccessKey: config.aws.secretKey
});

let storage = multerS3({
s3: s3,
bucket: ‘michaelgram’,
acl: ‘public-read’,
metadata: function (req, file, cb) {
cb(null, { fieldName: file.fieldname })
},
key: function (req, file, cb) {
cb(null, +Date.now() + ‘.’ + ext(file.originalname))
}
});

let upload = multer({ storage: storage }).single(‘picture’);

let app = express();

app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(expressSession({
secret: config.secret,
resave: false,
saveUninitialized: false
}))
app.use(passport.initialize())
app.use(passport.session())
app.set(‘view engine’, ‘pug’);
app.use(express.static(‘public’));

passport.use(auth.localStrategy);
passport.use(auth.facebookStrategy);
passport.deserializeUser(auth.deserializeUser);
passport.serializeUser(auth.serializeUser);

app.get(’/’, function (req, res) {
res.render(‘index’, { title: ‘Michaelgram’ });
})

app.get(’/signup’, function (req, res) {
res.render(‘index’, { title: ‘Michaelgram - Signup’ });
})

app.post(’/signup’, function (req, res) {
let user = req.body;
client.saveUser(user, function (err, usr) {
if (err) return res.status(500).send(err.message)
debugger
res.redirect(’/signin’);
});
});

app.get(’/signin’, function (req, res) {
res.render(‘index’, { title: ‘Michaelgram - Signin’ });
})

app.post(’/login’, passport.authenticate(‘local’, {
successRedirect: ‘/’,
failureRedirect: ‘/signin’
}));

app.get(’/logout’, function (req, res) {
req.logout()
res.redirect(’/’)
});

app.get(’/auth/facebook’, passport.authenticate(‘facebook’, { scope: ‘email’ }));

app.get(’/auth/facebook/callback’, passport.authenticate(‘facebook’, {
successRedirect: ‘/’,
failureRedirect: ‘/signin’
}));

function ensureAuth(req, res, next) {
if (req.isAuthenticated()) {
return next()
}

res.status(401).send({ error: ‘not authenticated’ })
}

app.get(’/whoami’, function (req, res) {
if (req.isAuthenticated()) {
return res.json(req.user)
}

res.json({ auth: false })
})

app.get(’/api/pictures’, function (req, res, next) {
client.listPictures(function (err, pictures) {
if (err) return res.send([]);

res.send(pictures)
})
})

app.post(’/api/pictures’, ensureAuth, function (req, res) {
upload(req, res, function (err) {
if (err) {
return res.status(500).send(Error uploading file: ${err.message})
}

let user = req.user
let token = req.user.token
let username = req.user.username
let src = req.file.location

client.savePicture({
src: src,
userId: username,
user: {
username: username,
avatar: user.avatar,
name: user.name
}
}, token, function (err, img) {
if (err) {
return res.status(500).send(err.message)
}

res.send(File uploaded: ${req.file.location});
})
})
})

app.get(’/api/user/:username’, (req, res) => {
var username = req.params.username;

client.getUser(username, function (err, user) {
if (err) return res.status(404).send({ error: 'user not found '})

res.send(user)
})
})

app.get(’/:username’, function (req, res) {
res.render(‘index’, { title: Michaelgram - ${req.params.username} });
})

app.get(’/:username/:id’, function (req, res) {
res.render(‘index’, { title: Michaelgram - ${req.params.username} });
})

app.listen(port, function (err) {
if (err) return console.log(‘Hubo un error’), process.exit(1);

console.log(‘Michaelgram escuchando en el puerto 5050’);
})

stevenzhu · July 22, 2018, 6:16pm

Hi,

You can’t use a non-public tld to obtain an certificate from public CA…

Thank you

miguelito · July 22, 2018, 7:52pm

Not feeling, It’s the one I have for tests, I also tego michaelgram.com, but it’s busy. As I say I am creating an application following my studies, I can not use michaelgram.test to do my tests …?
What should I do then to get Facebook to let me login in my application with Facebook …?
What domain should I put to make my tests?
It is a study application, it will not be published, or at least until you learn more about javascript and believe it bigger.

Osiris · July 22, 2018, 8:05pm

On the big bad internet, computers don’t connect to a hostname. They connect to an IP address. But it is not possible to register a domain name under the top level domain “test”: it’s a “reserved” top level domain which can’t be used on the global internet. So it isn’t possible for computers to resolve your “.test” domain to any IP address, so computers can’t connect to your server. And if computers can’t connect to your server, Facebook can’t either.

You could use a subdomain such as test.michaelgram.com for testing.

miguelito · July 22, 2018, 8:21pm

In the tests carried out in the course (recorded more than a year ago) the teacher logged in the application with facebook with that domain.
Then, I have a domain, webapplicationdeveloper … but my hostting does not let me put an SSL certificate from me.
If I create a subdomain of mine and put it in my code to do the tests, and be able to pass the login test with Facebook …?
This is my subdomain: michaelgram.webapplicationdeveloper.es

schoen · July 23, 2018, 1:01am

Perhaps Facebook didn’t have the same policy at that time?

Yes, I think that’s fine.

miguelito · July 23, 2018, 9:37am

What would be the steps I should follow to achieve my goal, I already tried unsuccessfully with an example of Medium.
If you tell me the steps to follow or documentation to study, being a beginner that wants to learn, seeing how I have configured Express for the connection, I would do myself a favor, and it would not bother me anymore.
The problem is that my hosting does not allow me to include SSL certificates, how should I proceed?
Thank you.

miguelito · July 23, 2018, 1:52pm

I have followed the steps to create from http, because my hosting (hostinger.es) does not let me carry my SSL. Following the instructions of https://zerossl.com, creating the necessary folders, as indicated in the instructions, but before the 3rd step it says Error: DNS problem: NXDOMAIN looking up A for Michaelgram.developer.es
I do not know what else I can do …
Create the folders in my computer’s home, maybe you do not create them in the right place.

jared.m · July 23, 2018, 3:23pm

Your DNS looks strange - are you sure this is a domain you control? This domain has a CNAME record pointing to parkingsrv0.dondominio.com, which is the same domain as your nameservers. Does this sound correct? That, in turn, points to 37.152.88.55.

Your second name server also looks a bit confused, as there is no A record for parkingsrv0.dondominio.com, just another recursive CNAME record.

miguelito · July 23, 2018, 3:43pm

I do not understand very well or what he means.
The domain is mine, of course.
I am trying to create the certificates in my hosting, I have been told that I can do it with Let’s Encrypt:

The question that remains is if I can use the domain for the tests of my application.
I hope that by putting the domain in the host of my computer it will work, I will get it.
Considering that my application runs with Express …

schoen · July 23, 2018, 7:15pm

I think there was a confusion because in one place you said michaelgram.webapplicationdeveloper.es and in another place you said michaelgram.developer.es, which are different. If your domain is really michaelgram.webapplicationdeveloper.es, you can’t use that to get a certificate for machinegram.developer.es.

miguelito · July 23, 2018, 8:30pm

I’m sorry, it was a mistake on my part.
My subdomain is michaelgram.webapplicationdeveloper.es
I’ll try to solve it somehow, I’ve been trying for almost two months now.
By changing Ubuntu I thought it would be easier.
Thanks for the support given, I will try to get it from another side.

schoen · July 23, 2018, 9:39pm

Do you currently get an NXDOMAIN error when you use michaelgram.webapplicationdeveloper.es?

miguelito · July 23, 2018, 9:59pm

Yes, it shows me the following error: Error: DNS problem: NXDOMAIN looking up A for Michaelgram.developer.es
I do not know what else I can do …
But now I can not do more tests until tomorrow.

schoen · July 23, 2018, 10:04pm

Why does it say NXDOMAIN looking up A for Michaelgram.developer.es if your real domain name is michaelgram.webdeveloper.es? Are you typing in michaelgram.developer.es somewhere? Did you create a CSR using this name?

miguelito · July 23, 2018, 11:00pm

Well I do not know why, tomorrow I’ll continue doing tests, today it’s impossible.
My domain is michaelgram.webapplicationdeveloper.es

miguelito · July 24, 2018, 7:44pm

Hello, after all the day doing tests as indicated in the tutorial that I provide my hosting (https://www.hostinger.com/tutorials/ssl/how-to-install-free-ssl-from-lets-encypt- on-shared-hosting) when you get to the following command php bin / acme issue --domains michaelgram.webapplicationdeveloper.es --path / home / u811029570 / public_html --server letsencrypt
gives me the following error, for which they have not been able to help me in the hosting.

Also try the way http://zerossl.com/ and I gave an error in the hosting
What else can I do …?
Thanks for the support

ERROR:

-bash-4.2$ php bin/acme issue --domains michaelgram.webapplicationdeveloper.es --path /home/u811029570/public_html --server letsencrypt

Providing payload at http://michaelgram.webapplicationdeveloper.es/.well-known/acme-challenge/-1cNfAsA9uEWx7U6hIUiPh7sxInwudgUi6KwB0-LoL8

Kelunik\Acme\AcmeException: Verification failed, please check the response body for ‘http://michaelgram.webapplicationdeveloper.es/.well-known/acme-challenge/-1cNfAsA9uEWx7U6hIUiPh7sxInwudgUi6KwB0-LoL8’. It contains ’

404 Not Found

openresty

’ but ‘-1cNfAsA9uEWx7U6hIUiPh7sxInwudgUi6KwB0-LoL8.z8tOI7bvDkjrp945EiWin90bNT-7NoZvRqzrro6i3NE’ was expected. in /home/u811029570/acme-client/vendor/kelunik/acme/lib/Verifiers/Http01.php:62

schoen · July 24, 2018, 7:46pm

Can you create a file /home/u811029570/public_html/test.txt and another file /home/u811029570/public_html/.well-known/acme-challenge/test2.txt on this server?

miguelito · July 24, 2018, 7:50pm

Yes
Yes, I’m going to it, I’m still connected

miguelito · July 24, 2018, 8:00pm

You already believe the two files in the place you told me.
In /home/u811029570/public_html/.well-known/acme-challenge/
there is a file already created that has an ID name, that is, a list of disordered letters.

I must do it from the console, the web does not work