I have a website running on an EC2 instance. It's running with pm2, and I'm able to connect to it and load it in my browser directly with its Elastic IP address.
My domain is routing traffic to it correctly, according to curl. However, the site gives Error code: SSL_ERROR_RX_RECORD_TOO_LONG when trying to connect in the browser.
I'm trying to enable SSL certs on the website using Let's Encrypt.
I have nginx running and active. I'm using iptables to redirect traffic from ports 80 and 443 to port 3000 (where my site is).
But every time I use this command:
sudo certbot --nginx -d xxx.app -d www.xxx.app
The domain challenges fail:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for xxx.app
http-01 challenge for www.xxx.app
Waiting for verification...
Challenge failed for domain xxx.app
Challenge failed for domain www.xxx.app
http-01 challenge for xxx.app
http-01 challenge for www.xxx.app
Cleaning up challenges
Some challenges have failed.
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: xxx.app
Type: unauthorized
Detail: Invalid response from
http://xxx.app/.well-known/acme-challenge/uYinEDb9EVI4Ki0fti-IX3T84qenxfkq2x8fAJ50XzU
[xx.xx.xx.xx]"<!DOCTYPE html><html><head><style
data-next-hide-fouc=\"true\">body{display:none}</style><noscript
data-next-hide-fouc=\"true\"><sty"
Domain: www.xxx.app
Type: unauthorized
Detail: Invalid response from
http://www.xxx.app/.well-known/acme-challenge/y6tpQJ6u7hXSgLGabwTNRY4LtStTsW8h8y0r20Dp1GQ
[xx.xx.xx.xx]: "<!DOCTYPE html><html><head><style
data-next-hide-fouc=\"true\">body{display:none}</style><noscript
data-next-hide-fouc=\"true\"><sty"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
What is going wrong here?
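
Added example (not part of the original post): a small Python parser for the error report certbot printed above, labelling each failed http-01 challenge by what the response body looks like. The report text, domain, address and tokens are constructed placeholders, and the label names and the `data-next-` heuristic are assumptions of this example.

```python
import re

# Constructed report in the shape certbot printed above; the domain, address
# and tokens are placeholders, not values from the post.
SAMPLE_REPORT = r'''
Domain: example.test
Type: unauthorized
Detail: Invalid response from
http://example.test/.well-known/acme-challenge/TOKEN-PLACEHOLDER-1
[192.0.2.10]: "<!DOCTYPE html><html><head><style
data-next-hide-fouc=\"true\">body{display:none}</style><noscript"
Domain: www.example.test
Type: unauthorized
Detail: Invalid response from
http://www.example.test/.well-known/acme-challenge/TOKEN-PLACEHOLDER-2
[192.0.2.10]: "404 page not found"
To fix these errors, please make sure that your domain name was
'''

ENTRY = re.compile(
    r'Domain:\s*(?P<domain>\S+)\s+Type:\s*(?P<type>\S+)\s+'
    r'Detail: Invalid response from\s+(?P<url>http://\S+)\s+'
    r'\[(?P<addr>[^\]]+)\]:?\s*"(?P<body>.*?)"\s*(?=Domain:|To fix|\Z)',
    re.S)
# An http-01 responder returns only "<token>.<account-key thumbprint>".
KEY_AUTH = re.compile(r'^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+$')

def classify(token, body):
    """Label what kind of content answered the challenge request."""
    text = ' '.join(body.split())
    if KEY_AUTH.match(text):
        ok = text.startswith(token + '.')
        return 'key-authorization' if ok else 'stale-or-foreign-token'
    if re.match(r'<(!doctype|html)\b', text, re.I):
        # Heuristic (assumption): data-next-* attributes suggest a Next.js page.
        return 'nextjs-app-page' if 'data-next-' in text else 'html-page'
    return 'other-text'

def diagnose(report):
    """Return one finding per failed domain in a certbot error report."""
    findings = []
    for m in ENTRY.finditer(report):
        token = m['url'].rsplit('/', 1)[-1]
        findings.append({'domain': m['domain'], 'type': m['type'],
                         'addr': m['addr'], 'token': token,
                         'served_by': classify(token, m['body'])})
    return findings

if __name__ == '__main__':
    for f in diagnose(SAMPLE_REPORT):
        print(f"{f['domain']}: {f['served_by']} from {f['addr']}")
```

A body labelled as an HTML page means the validation request was answered by a web application rather than by whatever was set up to serve the challenge token on port 80.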