disruptive
Reputation: 5946
Privacy Issue with Heroku App
When I try to look up some pages, I get the following:
Your connection is not private
Attackers might be trying to steal your information from www.xxx.com (for example, passwords, messages or credit cards). NET::ERR_CERT_COMMON_NAME_INVALID
Back to safetyHide advanced
This server could not prove that it is www.xxx.com; its security certificate is from *.herokuapp.com. This may be caused by a misconfiguration or an attacker intercepting your connection.
Proceed to www.xxx.com (unsafe)
What should I do to prevent this? Somehow google has https, but I know I haven't paid for a certificate and everything runs off http, but pages are indexed in google as http(s).
Upvotes: 2
Views: 1034
Answers (1)
iurisilvio
Reputation: 4987
You must use the SSL Endpoint addon.
Heroku use a default *.herokuapp.com certificate. For custom domains, you must use the adon.
https://devcenter.heroku.com/articles/ssl-endpoint
Upvotes: 1
Related Questions
- Keeping Variable Data on Heroku with Python Flask Application
- Python Flask on Heroku repeatedly logs "Permission Denied"
- Flask app works locally, but not on Heroku (Method not allowed)
- Deploying Flask application on heroku
- Heroku Application Error python flask
- Authentication for simple flask app on hosted on Heroku
- Deploying Flask App on Heroku
- heroku hosting apython flask application error
- heroku cannot work with my python script
- Deploying Flask app to Heroku