I have two domain names pointing to one Heroku app. One domain name is always used over https. I have a wildcard certificate for that domain. That, combined with the fact that I can only have 1 SSL certificate installed on a Heroku app, leaves me to force the other domain name to http. I have installed the SslEnforcer gem to take care of this for me. However, since Heroku now gives me default Piggyback SSL on my app, when I try to access my non-secure domain over https, it first hits the Piggyback SSL certificate, which yields a security error, since I'n not on the *.herokuapp.com domain. It never got to the SslEnforcer redirect.
So it seems that I desperately need to disable or remove the default Piggyback SSL. Is there a way to do so? Or is there another solution anyone can think of?
Related
I have a website called http://jobdirecto.com/ that I want to turn into HTTPS.
The site is hosted in Heroku and the domain I got from Namecheap.
I got the paid version of Heroku since that lets me configure the SSL (and I think that's what I have to configure to make it HTTPS). They ask me for a "public certificate" that I don't have though.
I also bought a SSL from SSLs.com and they gave me a private key but no public certificate.
I am lost in what I have to do now to make my website secure.
There's no need to purchase anything. Use Heroku's Automated Certificate Management, which is powered by Let's Encrypt:
Run heroku domains and make note of the .herokudns.com domain it lists
Set up a CNAME record for your custom domain pointing to the .herokudns.com domain from the previous step
Run heroku certs:auto:enable to start the certficate provisioning process
Run heroku certs:auto to see your certificate's status
Please note that
It usually takes between 45 and 60 minutes to generate a TLS certificate for your app’s custom domains
This will let your site run over HTTPS, but it won't automatically redirect requests from HTTP to HTTPS. To do that we'll need to know more about your application.
I've got a heroku free plan, which is running on a custom domain with the PointDNS add-on so it can provide nameservers for DNS provider, if that matters.
I've got the website up and running on my custom domain, on https, but the ssl certificate points to *.herokuapp.com.
I suppose I need another SSL certificate for my custom domain, but after looking around for a long while I still couldn't find anything that doesn't require a paid heroku plan.
Is it even possible to add an ssl certificate, on a free heroku plan, on a custom domain? If so, please help me out.
I'm really over my head here and my knowledge about anything-ssl or dns is very limited.
From the PointDNS add-on doc (https://devcenter.heroku.com/articles/pointdns), I don't see how you can do this easily.
But, if you have purchased the domain (and not ddns), this should be pretty easy with cloudflare.
Setting up a Custom Domain name and FREE SSL certificate for Heroku Apps
Add DNS record to point to your site and redirect to heroku.
Enable the Crypto certificate, after this the certificate will be automatically distributed by Cloudflare.
I'm trying to set up https connection in one of my API.
I normally make requests to my API through this address: http://vps234602.ovh.net:8090
I'd like to be able to make https requests.
I tried to make a redirection in OVH panel, from api.uphair.fr to http://vps234602.ovh.net:8090.
Then I used the zerossl certificate wizard to build the certificate.
In the "domains" field, I typed
www.api.uphair.fr api.uphair.fr
Then I builded the certificate and the DNS verification went well (I was able to add new TXT entries in my DNS zone according to what zerossl was asking).
Then I followed the steps to add this certificate in IIS for my API.
When I'm trying to connect to https://api.uphair.fr the redirection is good but I got the error:
:ERR_CERT_COMMON_NAME_INVALID
I did this for another site in IIS, https://partenaires.uphair.fr and it works well.
Does Anybody know what I'm missing here ? Do I just have to wait for the DNS propagation ?
Thanks for your help.
I have developed a multi tenant app, using PHP and Apache. By default each client has a free subdomain like customer.app.com. But they can point their custom domain to the application, For this they needs to change the A record of their domain to point to the IP of the app.
One of our users, wants to use his custom ssl certificate, to run the app via https in his custom domain.
My question, is how i can make to allow all customers, can use their custom ssl certificate in their domains.
The only way to make this work is to make an entry into Apache for each subdomain, so it knows what certificate to load. You could make one giant .conf, or you could make one .conf per subdomain. Make sure you're using a version of Apache that supports Server Name Indication (Apache 2.2.12 or later), or you'll have to have an IP per certificate.
I am new to SSL concept. I am having a Rails 3.2 application running on heroku.
Can anyone please clarify me about the following things:
If I am having a heroku application "http://example.herokuapp.com", can I add SSL certificate to it without having any own domain (like www.example.com). If so, could you please provide a reference url to that process.
If the above thing is possible, in future if I own a domain (like www.example.com), can I add the same SSL certificate to that domain. Or I need to have a new SSL certificate for it. Or pointing secured (https) url of that application to the new domain (like www.example.com) is sufficient?
Thanks in advance.
Regards,
K. Subrahmanyam
You don't have to buy or add anything to use SSL and HTTPS on the .herokuapp.com subdomain, it comes with piggyback-SSL for free out of the box. I.e.: https://example.herokuapp.com/
If you add a custom domain and want SSL on that, you also have to buy a certificate for the domain and add the relevant add-on. That's documented on Dev Center.