Deploying on own server: "unable to reach" and "missing certificate url" error

amazon-alexa

#1

Hi, it took my a while to get a test skill running with Alexa. First I tried just the jovo deploy, but missed the jovo build. Then I had to manually add de-DE in skill.json, I guess I expect it to happen automatically when creating the model file. Now I try to run it on my own Linux server according to the ExpressJS docs.

First I substituted the sub.domain.tld/webhook_alexa for the webhook.jovo.cloud in skill.json, but it seems a jovo deploy overwrites that every time. Then I manually entered https://sub.domain.tld/webhook_alexa as endpoint in the Alexa developer console. But it tells me the skill is not reachable (“I am unable to reach the requested skill”) and I don’t see any access in the nginx-proxy log.

I have the app running in a docker container and SSL is handled externally by jwilder/nginx-proxy and jrcs/letsencrypt-nginx-proxy-companion.

docker run \
  --name jovo \
  --restart=unless-stopped \
  --env VIRTUAL_HOST=sub.domain.tld/webhook_alexa \
  --env LETSENCRYPT_HOST=sub.domain.tld/webhook_alexa \
  --expose=3000 \
  -v "$PWD/bundle":/usr/src/app \
  -w /usr/src/app \
  -d node:12 \
  node index.js --webhook

Manually calling https://sub.domain.tld/webhook_alexa indicates the SSL is working fine but gives me an error from the app: {"status":"failure","reason":"missing certificate url"}

Is this an error because the call does not come from Amazon or is this indicating that I don’t have SSL set up within Jovo? And will Alexa accept letsencrypt SSL certificates?


#2

Still trying to get my Alexa skill running on my own server.

I figured out thanks to Staging Examples that I can set stages and define the endpoint for every stage. I missed that one in the docs and can now build and deploy with the correct URI.

In general letsencrypt SSL for alexa endpoints seems not always to be working. I found a stackoverflow solution (well, maybe call it a hack) to get letsencrypt certificates to work with Alexa.

But still to no avail. Alexa says “I am unable to reach the requested skill” and I don’t see any access in the nginx logs. Is there an endpoint/SSL test function in the Alexa Developer Console?


#3

Alright, seems Amazon does not like letsencrypt.

Anand@Amazon writes in the Amazon Developer Forum:

Note: You cannot use https://letsencrypt.org/, even though it is on the certificate list.
Alexa doesn’t support any web url which uses LetsEncypt certificate.

Not sure why Amazon just decides to not accept a Certification Authority.