Certbot Error: "Error getting validation data", Nginx Ubuntu Node server

Question

I am trying to use certbot to add ssl to an already working site (krementimg.us.to) from my server at home. This server runs a node application behind Nginx on Ubuntu 16.04. By following instructions here, my etc/nginx/sites-available/default (my configuration file) looks like this:

server {
    server_name krementimg.us.to;
    client_max_body_size 20M;
    listen 80 default_server;
    listen [::]:80 default_server;    
    root /var/www/html;

    location / {
                proxy_pass http://localhost:443;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection 'upgrade';
                proxy_set_header Host $host;
                proxy_cache_bypass $http_upgrade;
     }
}

Nginx listens on port 80 and directs the client to the application running on port 443. All of this works fine, but, when I run the command sudo certbot --nginx after following the instructions on the certbot website, I get the error

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: krementimg.us.to
   Type:   connection
   Detail: Error getting validation data

   To fix these errors, please make sure that your domain name was
   entered correctly and the DNS A/AAAA record(s) for that domain
   contain(s) the right IP address. Additionally, please check that
   your computer has a publicly routable IP address and that no
   firewalls are preventing the server from communicating with the
   client. If you're using the webroot plugin, you should also verify
   that you are serving files from the webroot path you provided.

I would like to have ssl on my website, so how can I fix this issue?

Answer 1

I had some issues with certbot --nginx I suggest you to try to stop your Nginx server and then execute certbot in standalone mode. The command is:

sudo certbot certonly --standalone -d example.com -d www.example.com

Try to see if you have differences with the previous command. If it works, you need to complete the configuration of Nginx (listen on 443 port and load right certificates). I wrote a post. For details:

https://medium.com/@robertodev/how-to-enable-https-with-lets-encrypt-on-your-web-server-cc1ce465ad2c