I have an application on Heroku. I cname-redirect https://login.zenconomy.se to https://boomeranglogin.herokuapp.com/
I get the following (yellow) error in chrome:
This is probably not the site you are looking for!
You attempted to reach login.zenconomy.se, but instead you actually reached a server identifying itself as *.herokuapp.com. This may be caused by a misconfiguration on the server or by something more serious. An attacker on your network could be trying to get you to visit a fake (and potentially harmful) version of login.zenconomy.se.
You should not proceed, especially if you have never seen this warning before for this site.
Why?
If you want to use SSL and HTTPS on Heroku with a custom hostname (like login.zenconomy.se), you have to purchase the SSL endpoint add-on, get a certificate and configure the setup as described on Dev Center.
Related
I have a web application running on Heroku that is experiencing some unusual behaviour. My DNS is CloudFlare and I'm running CloudFlare SSL certification that is Manually added to Heroku.
The problem is subtle at first. It looks like when I visit the root domain youworkremotely.com on a new browser or device I initially get an Error 526. However, If I subsequently visit www.youworkremotely.com I am able to enter the site and proceed as normal. The odd behaviour begins when I attempt to revisit the root domain youworkremotely.com I no longer see the Error 526 and it is redirected to www.youworkremotely.com.
Any of you guys/girls understand what is happening and can help me fix the issue?
This has been resolved.
Initially the A record still pointed to the old IP address from the previous DNS provider but the CNAME record pointed to the correct heroku DNS URL. Updating the A record to the heroku provided DNS URL resolved the issue.
I've followed the guide here for SSL to be automatically configured on my site. It does have the certificate when I visit mysite.herokuapp.com. When I go to my real domain, mysite.com, the site is completely reachable but doesn't seem to have the certificate. I'm pointing the DNS entry to the exact result of 'heroku domains'; note that this entry has not changed since I added SSL it seems. It ends in a .herokudns.com not .herokuapp.com or herokussl.com like I've seen in some of the previous answers on Stack Overflow. I assume that Heroku recently changed this requirement for setup.
I've already waited a few hours. I assume I must be doing something wrong, but I think I've followed the guide correctly, and there are so few steps, so I'm at a loss...
As Chris pointed out in the comments, the solution was heroku is doing something which prevents normal redirection of http to https. This post is very helpful for node js:
https://jaketrent.com/post/https-redirect-node-heroku/
This is my first time getting an SSL certificate for my website. I followed this tutorial https://devcenter.heroku.com/articles/automated-certificate-management
heroku certs:auto displays that Status is "Cert issued". I get no errors. I use git push and the website is still not certified. What could I be doing wrong?
Old question, but if anyone else runs into this problem, which I was just battling myself, here was my problem:
When following the Heroku dev center guide on how to point a custom domain to your herokuapp, the guide says, among other things:
"Create a CNAME record to map from www.example.com to example.herokuapp.com or your SSL endpoint if using SSL."
Neither one of these alternatives are, however, the way to go now (SSL endpoint is considered legacy at Heroku). Instead, once you have added your custom domain correctly, simply:
In Heroku CLI, run "heroku certs:auto:enable" to enable ACM.
Point your domain's DNS records at the Heroku DNS target for your custom domain, which you can find by running "heroku domains"
Wait a little.
This should do it.
I run a website affectionaries.com that has a valid SSL certificate hosted by Hostgator.
It has come to my attention that when searching in Google for terms such as "Affectionaries" or "Cupcakes Runcorn" an other domain appears higher up the SERP's using my meta data an is unrelated to my business. If you click the link for (https://www.miamiboxpanama.com/) then it takes you to an insecure warning page! Under advanced it tells you:
www.miamiboxpanama.com uses an invalid security certificate. The certificate is only valid for the following names: affectionaries.com, www.affectionaries.com Error code: SSL_ERROR_BAD_CERT_DOMAIN
I can not figure out what is going on here...
So far I can see that this domain is on the same nameservers and IP address as my site.
Has anyone have experience with this and know a solution to resolve this matter?
www.miamiboxpanama.com resolves to the same IP address as affectionaries.com (192.254.231.2). So both names lead to the exact same web server, and therefore also the exact same SSL certificate. Since that certificate is only for the name affectionaries.com, the browser correctly issues a warning when the name it used was www.miamiboxpanama.com.
This looks like a configuration error at Hostgator. You may want to contact them and ask what's going on.
<--------- Update ---------->
So I tried using digicert instead of SSL Labs and this is what I got. This is why my ssl isn't working properly with CloudFlare and Heroku.
<--------------------------->
For some reason, my CloudFlare SSL isn't working properly and I continuously get this error. Really lost and could use some help. Below are screenshots of the error and my CloudFlare Crypto Settings.
I have fixed the issue here. Turns out it was a simple fix. All you have to do on CloudFlare is make sure the subdomains e.g. www are routed through cloudflare as well instead of through the primary host e.g. heroku.
You can do this by clicking on the cloud next do you CNAME record and making sure it's orange.
I also recommend using www.digicert.com instead of www.ssllabs.com because you get a lot more helpful information.
Cheers,
Have you tried using an SSL testing tool like https://www.digicert.com/help/ or https://www.ssllabs.com/ssltest/index.html ? They might help narrow down where the problem may be.
Good luck!