Reputation: 76
Purchased and installed ssl certs but still indentified as *.herokuapp.com
I followed the instructions to the letter here -- https://devcenter.heroku.com/articles/ssl-certificate --, and they were helpful, especially since DNSimple is my registrar of choice. I got everything up and running as far as I know, purchased the certs (via DNSimple and RapidSSL), combined the crt and the CA bundle, and sent them up via the heroku client:
$ heroku ssl
www.website.com has a SSL certificate registered to /serialNumber=…
website.com has a SSL certificate registered to /serialNumber=…
But when I go to my apps (I even restarted them) they are still using the certs for *.herokuapp.com. Is there anything I've missed? Why would things be coming up as *.herokuapp.com?
From the top, here are the pieces provided to me from the related parties.
- From DNSimple (on the cert details page) : Private Key
- From DNSimple (on the cert details page) : Certificate
- From RapidSSL's CA Download page (linked from DNSimple) : CA bundle "pem"
- From email sent by RapidSSL / Geotrust : Web Server CERTIFICATE
- From email sent by RapidSSL / Geotrust : INTERMEDIATE CA
I imagine that the "private key" is what I need in the second part of the heroku ssl:add dance: heroku ssl:add site.pem private.key
But it seems that I'm doing something wrong when I'm putting together the "pem" file for the first file I'm sending with heroku ssl:add. Of the pieces above - what needs to be combined in order for this to work?
Upvotes: 3
Views: 1418
Answers (2)
Reputation: 1729
I know this question is old, but I just hit the same problem and found the answer, at least in my case.
I had my DNS pointing to my-app.herokapp.com but the SSL endpoint is different. You can find the SSL endpoint like this:
$ heroku certs
Endpoint Common Name(s) Expires Trusted
------------------------ ---------------------------- -------------------- -------
osaka-5565.herokussl.com www.example.com, example.com 2014-05-18 09:32 UTC True
Your endpoint will be different from that. Once you change your CNAME and/or ALIAS records to point to the SSL endpoint, you'll get your own certificate instead of the herokuapp wildcard.
Upvotes: 4
Reputation: 4745
Make sure you're not viewing the naked domain name, https://yourwebsite.com is not supported with SSL on Heroku, whereas https://www.yourwebsite.com is.
If this ends up being the issue you'll have to make sure the naked domain name redirects to a subdomain like www.
Upvotes: 0
Related Questions
- ERR_SSL_UNRECOGNIZED_NAME_ALERT when trying to access my heroku app
- Heroku SSL DNS Settings
- ssl on custom domain for heroku app
- Heroku Comodo SSL and it not working?
- SSL - invalid CN after installing certificate (getting CN *.herokuapp.com)
- Adding certificate for heroku app
- Heroku SSL - No certificate given is a domain name certificate
- SSL certificate on Heroku
- Heroku, DNSSimple, and SSL: web app is still not secure
- *.herokuapp.com SSL warning still appearing on domain