Reputation: 5239
namecheap DNS config does not work with https on Heroku custom domain
I'm very confused with how to setup namecheap and heroku so they work together to serve custom domains over https.
I'm using heroku ssl beta, by the end of the configuration, heroku has updated its domain map like this:
myapp.com myapp.com.herokudns.com
www.myapp.com wwww.myapp.com.herokudns.com
The ssl certificate has been added to heroku successfully, I know it because I can access https://myapp.herokuapp.com with a green padlock.
The next step should be modifying namecheap DNS, I followed this tutorial
The entries I added are:
CNAME Record www myapp.herokuapp.com
URL Redirect @ https://www.myapp.com
That should be it, but it doesn't work as I expected.
If I type myapp.com, it goes to https://www.myapp.com (so the redirect works), but without a padlock.
The same if I go to https://www.myapp.com directly.
I'm sure it's not because the change hasn't taken effect yet, because I have messed around with other domains and it already take effect after 5min or so.
Can someone please tell me what is the problem?
Upvotes: 14
Views: 6204
Answers (3)
Reputation: 41
Your solution (using CNAME for @) in Namecheap works for https fwding to amazon ELB instances too. My domain is served by Namecheap. Their recommendation (incorrect as you pointed out) was to URL fwd https traffic for my domain (x.com) to my amazon elb instance (which has my ssl cert for x.com). URL fwding gets a conn refused error from NameCheap's servers.
Using a CNAME for @ displays a nice green secure seal for https URLs. I also added a CNAME www to the same amazon elb instance for non-https traffic.
Upvotes: 2
Reputation: 5239
I found out what's wrong, after uploading ssl certificate to heroku, I should stop using myapp.herokuapp.com, instead use myapp.com.herokudns.com, so in namecheap's DNS config, I should have the following:
CNAME Record @ myapp.com.herokudns.com
CNAME Record www www.myapp.com.herokudns.com
I don't think the redirect is necessary (even in Namecheap's document it says you should not set CNAME on bare domain, but should redirect www instead). I tried to use URL redirect record www https://myapp.com to replace the www CNAME record but it won't work.
Besides, when I created the certificate with lets encrypt, I only certificated domain myapp.com, but forgot www.myapp.com, so when access www domain, the browser complains certificate is from myapp.com, once I expanded the certificate to cover www.myapp.com, with the above config, all domains works fine with a green padlock.
Upvotes: 7
Reputation: 123260
You redirect to https://www.myapp.com. The browser expects a certificate for www.myapp.com there but according to your description there is only a certificate for myapp.herokuapp.com. Because the hostname in the URL does not match the subject of the certificate the browser complains about the bad certificate.
Upvotes: 1
Related Questions
- Redirect https://example.com to https://www.example.com: Namecheap and Heroku
- Setting up a custom domain with Heroku and namecheap
- heroku-deployed application not secure
- How do you force HTTPS with Namecheap and Heroku?
- Node express.js heroku and Namecheap SSL problems
- Domain name not routing with Heroku and Namecheap
- Setting up HTTPS DNS with Namecheap and Heroku
- CNAME + PointDNS + HEROKU not working properly