I have a question about Heroku.
When I try to add new domain with example.
the new domain has to be www.example.com.
If I use example.com. it has ACM problem, no matter how I change the setting in google domains, it goes wrong.
Then fine, I keep the www.example.com one, and web works with setting in google domain
www CNAME 1h www.example.com.herokuapp.com
however, for some reason, I need to add a new subdomain:
auth.example.com
and in my googles domain setting,DNSdata is connect others,not heroku
auth CNAME 1H someDNSdata
then the problem comes out, there is automatically SSL for my web, but it only apply to www.example.com. it doesn't apply to auth.example.com.
i can't adda new domain auth.example.com in heroku because there is
auth CNAME 1H someDNSdata
in the google setting.
I want my SSL in heroku apply for all subdomain.so what should i do??
PS:i have forward
example.com -->https://www.example.com
in additional problem,
if i type www.example.com,it goes http one,
if i type example.com, it goes https one.
why would that happen?? I set # in subdomain forwarding, but it comes out
example.com -->https://www.example.com
doesn't # mean all subdomain will go to https://www.example.com??
Related
I have a 1&1 IONOS domain for my heroku app. the www subdomain works fine, with a CNAME setup for it. but I'm trying to redirect the root url to the www subdomain. this also works fine for http, but if the url is typed in as https://example.com, I get a ERR_SSL_PROTOCOL_ERROR (on chrome, other browsers have different errors). this is on any device, regardless of clearing cache and history etc.
my heroku logs show it's never reached, so it must be an issue within 1&1.
theres an ssl cert set on the domain with 1and1, as well as heroku's ACM.
any ideas?
To make the four URL variations (http://example.com, http://www.example.com, https://example.com, and https://www.example.com) point to a different SSL hosted site (heroku, cloudfront, etc), you need three things in IONOS:
Under DNS settings, add a CNAME entry for the www subdomain that points to your SSL hosted site (example.herokuapp.com)
Set up an HTTP Redirect under Domain Forwarding to https://www.example.com (don't check the box that states "Also set up for www subdomain")
Make sure you have an SSL wildcard certificate for *.example.com installed and attached to your domain in IONOS
It looks like all you are missing is number 3. After that, the redirect that you have setup should work as expected.
Note: example.com should be replaced by your actual domain in all of the above.
I've been struggling with the configuration of my DNS app on Heroku. Things I want to accomplish:
www.example.com and example.com , both with SSL config (HTTPS)
Things I tried so far ...
GoDaddy Settings:
CNAME | www | example.com.herokudns.com
FOWARDING to
https://www.example.com
However, this setup is working great with HTTP only, but I'm getting a "Your connection is not private" error when I type the https.
I checked several tutorials and none address this issue.
PS: I'm using the SSL automatically managed from heroku.
SOLVED IT
Getting the naked domain set up with Godaddy easily: Set forwarding to your domain: https://www.my-domain.com. This will redirect non www to the correct place.
With that, I don't actually need to add a second domain in heroku (example.com).
Just keep the www.example.com, turn the SSL on, go to go daddy and redirect. This is working for me so far....
I have a static html site hosted on a s3 bucket. I have generated a free ssl certificate with let's encrypt which I imported into ACM.
certbot --manual --server https://acme-v01.api.letsencrypt.org/directory -d example.com -d www.example.com
I have setup cloudfront to use that certificate.
On my DNS provider (namecheap) I have set a CNAME that points www to the cloudfront domain name, and also put a redirect from mydomain.com to www.mydomain.com
Now if I go to
https://www.example.com, it works
https://example.com, it hangs until it times out
Can someone tell me what I'm a missing ?
On my DNS provider (namecheap) I have ... put a redirect from mydomain.com to www.mydomain.com
There's the problem. Your "DNS provider" has a redirect service that doesn't support HTTPS. There is no way they can -- a redirect can only occur after an HTTPS connection is made, and an HTTPS connection requires a valid certificate.
Redirects are never actually done in DNS, though your provider's interface may give you that impression. Redirects are always done with a web server. Your provider has a web server that they provision and point the DNS there when you configure one hostname to redirect to another.
In short, there's not really a way to do this at the domain apex without using Route 53 as your authoritative DNS host. You don't have to transfer your domain name registration to the Route 53 registrar, but you'll need to use Route 53 for your DNS, and you'll need a second bucket and a second CloudFront distribution -- see Supporting HTTPS URL redirection with a single CloudFront distribution.
I have 2 domains, one at Register.com and one at Godaddy. I need them both to point to one Heroku app, and the following scenarios to work:
http://domain1.com
http://domain2.com
http://www.domain1.com
http://www.domain2.com
https://domain1.com
https://domain2.com
https://www.domain1.com
https://www.domain2.com
All of the above should all end up at one heroku app at https://www.domain1.com
Being that it's Heroku, I have no access to the .htaccess, and I've heard you're only allowed one SSL cert per app. I also have forwarding setup at GoDaddy, but apparently forwarding does not work if you try to forward from https on a non-hosted app.
Your cert has to match the domain name that the client will try to answer, this means that when you make it the Subject Alternative Names (SANs) have to include www.domain1.com, domain1.com, www.domain2.com, domain2.com, and the domain/ip of your actual heroku app.
For your DNS records, if the heroku app is at a Fully Qualified Domain Name (FQDN), and not an ip then follow these steps:
Forward your root domain, e.g. example.com to www.example.com, and make the CNAME record www. 300 IN CNAME domain.of.heroku.app
If the heroku app is reachable at a static ip follow this:
Make an the following A records for both your domains:
# 300 IN A ip-here
I am working on setting up SSL with Heroku and Namecheap.
On Heroku I currently have the domains:
Domain Name - DNS Target
www.app.domain.io - www.app.domain.io.herokudns.com
www.domain.io - www.domain.io.herokudns.com
On NameCheap I have:
Type - Host - Value
CNAME Record - app - www.app.domain.io.herokudns.com
CNAME Record - www- www.domain.io.herokudns.com
URL Redirect Record - # - https://www.domain.io
CNAME Record - www - https://www.domain.io
What works:
www.domain.io works fine and does not redirect to include https
domain.io just fails to reach a site
https://www.domain.io works great!
https://domain.io fails to reach a site.
http://www.app.domain.io/ fails to reach a site.
https://www.app.domain.io/ fails to reach a site.
http://app.domain.io/ reached the heroku nothing there yet page.
Ideally, all pages should always redirect to include https and www. Any idea what I'm doing wrong?
I fixed the problem. I added redirect records so that if the url was entered with or without www and with or without https it would be redirected to include https and www. This required 4 redirects for the domain.
In addition, the app.domain.io url had not content because I hadn't set something up there yet. I was planning on using the app.domain.io for a new heroku app later on.
Remember to wait long enough and try clearing your cache to see if the issue is resolved.
Edit
In my domain settings under Redirect Domain
Source Url Destination Url
domain.xyz https://www.domain.xyz/
www.domain.xyz https://www.domain.xyz/
The above ensures https is always used.
In my domain advanced DNS settings under Host Records
Type Host Value TTL
CNAME Record www <link from heroku> 30 min
URL Redirect Record # https://www.domain.xyz/ unmasked
URL Redirect Record www https://www.domain.xyz/ unmasked
This is what you need to do on namecheap to work with a heroku app. There is more to do on the heroku side of things.
In Heroku under app settings there is a Domains and certificates section.
You can add your domain there. This will create a DNS Target which is what you put in the <link from heroku> block from above. Heroku will also let you use LetsEncrypt and they will automatically refresh your SSL certificate.
Remember to wait awhile between changes. DNS changes can take up to 24 hours to apply.
For anyone using Heroku, Django, and namecheap that still has a similar problem (i.e. you have a working https website, but http is not automatically routed to https), you also have to set SECURE_SSL_REDIRECT = True in your settings.py file. Making this addition fixed the issue in my case.
This change, in addition to the URL configurations posted in #Programmingjoe's answer, should fix the issue.