Reputation: 51
Error generating SSL private key - Heroku - OpenSSL - Rails
I am following the instructions on https://devcenter.heroku.com/articles/ssl-endpoint but getting stuck on generating private key. It says to generate a private key '$ openssl genrsa -des3 -out server.pass.key 2048' so I'm typing into rails command line
$ heroku run openssl genrsa -des3 -out server.pass.key 2048
This seems to work and I can enter a passphrase twice (but there is no confirmation message)
The next stage is to type the following "$ openssl rsa -in server.pass.key -out server.key" - so that the private key can be stripped of its passphrase. So:
$ heroku run openssl rsa -in server.pass.key -out server.key
But here I get the following error:
Error opening Private key server.pass.key
2:error:02001002:system library:fopen no such file or directory:bss_file.c:356:f
open('server.pass.key','r')
2:error:20074002:BIO routines:FILE CTRL:system lib:bss_file.c:358:
Unable to load private key
Any ideas? Thanks.
(by the way I already have site-wide SSL enabled on the app, using heroku's certificate. I am trying to change to my own SSL certificate for my own domain).
Upvotes: 3
Views: 26730
Answers (2)
Reputation: 21
Check if your file is formed correctly. I changed
-----END CERTIFICATE----------BEGIN RSA PRIVATE KEY-----
into
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
and the error disappeared.
Upvotes: 2
Reputation: 191
I think the idea is to run those commands locally, on your own computer. First, make sure you have openssl installed (if you don't, follow the instructions on the provided Heroku help page, or use a friend's computer that has it installed). Then, type this:
$ openssl genrsa -des3 -out server.pass.key 2048
Generating RSA private key, 2048 bit long modulus
........................................................................................+++
..........+++
e is 65537 (0x10001)
Enter pass phrase for server.pass.key:
Verifying - Enter pass phrase for server.pass.key:
After this step, there should be a file named server.pass.key in the current directory:
$ ls
server.pass.key
Then, run the second command:
$ openssl rsa -in server.pass.key -out server.key
Enter pass phrase for server.pass.key:
writing RSA key
After you finish this step, there should be two files in the directory. Then, continue as it says in instructions.
$ ls
server.key server.pass.key
Upvotes: 8
Related Questions
- How to get SSL working on Rails app with Heroku?
- Heroku Rails Net::HTTP: OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
- OpenSSL::Cipher::CipherError with Rails4 on JRuby
- Heroku Config Secret Key Base Error when running heroku open
- SSL Error on Heroku app
- Issues setting up SSL, keep getting "no valid, non-passphrase-protected keys given" error
- OpenSSL 1.0.1 on Heroku
- Untrusted Certs on Heroku
- Certificate verify failed Heroku Ruby on Rails 3.2.1 Ruby 1.9.2p290
- Heroku SSL error: key doesn't match PEM certificate