I keep getting security certificate errors when I access my Heroku app connected to my site's subdomain. So far, I have successfully connected my website's subdomain (news.mysite.com) to my app using a Heroku domains and my nameserver but my site keeps routing to a https:// version of the herokuapp causing browsers to warn users about the sites certificate.
Can I remove the https routing to my app, or ensure that the browsers ignore the security certificate from Heroku?
CName:
| Host | Points to |
| www | sheltered-plains-7225.herokuapp.com |
| news | news.mysite.com | <-- Https Errors
If you need SSL and wish to use a custom subdomain then you must purchase a license for the subdomain and Add Endpoint for Heroku.
Heroku's SSL license is a wildcard that will cover all of it's own subdomains under *.herokuapp.com. So sheltered-plains-7225.herokuapp.com is covered but news.mysite.com is not.
If you do not need SSL then you should change your environment.
in /config/environments/production.rb change
config.force_ssl = true
to
config.force_ssl = false
this will route to http instead of https
It would normally be within your app that the redirect to https is done.
Unless you have the Heroku SSL endpoint add-on and an SSL certificate it will always error on https.
Related
I'm trying to set up SSL on my site that runs on Rails on Heroku. If I type any of following into the address bar of my browser, it loads:
www.example.com
example.com
https://www.example.com
But when I enter https://example.com (the root domain prefixed with https) Safari displays "This connection is not private". Why?
I have added www.example.com and example.com to my Heroku app.
heroku domains:add www.example.com
heroku domains:add www.example.com
I have configured the domain's CNAME and ALIAS to point to the DNS targets provided by Heroku.
Alias: # aaaaaa.herokudns.com.
CNAME: www bbbbbb.herokudns.com.
I have used heroku certs:auto:enable to configure Heroku to manage my site's SSL certification.
I have configured rails to force ssl in production:
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
config.force_ssl = true
What do I need to do to ensure that the site loads correctly when the user enters the root domain prefixed with https into the URL bar?
I have a domain, example.com. It's running on hobby dynos in Heroku, so I figured I would enable Heroku Automated Certificate Management. I've set up Heroku like so:
=== example Custom Domains
Domain Name DNS Target
─────────────── ─────────────────────────────
example.com example.com.herokudns.com
www.example.com www.example.com.herokudns.com
My DNS settings are:
CNAME Record www example.com.herokudns.com.
URL Redirect Record # https://www.example.com Unmasked
However, neither the apex domain (example.com) or the www domain (www.example.com) work when I access the domain.
Help would be greatly appreciated.
I have a Rails 5 app with Heroku's SSL added. www.example.com and example.com works fine but when I preface my site with "https://" It doesn't work, but "http://" works.
I'm using Namecheap.com for my DNS. How do I go about getting "https://example.com" to direct to my heroku app?
What you need to do is :
You need to have SSL Endpoint addon added to your heroku app
It will provide a EndPoint URL for your heroku app.
https://devcenter.heroku.com/articles/ssl-endpoint
And you need to add SSL cert configured brought from third party vendors.
Then you can add CNAME record with with given EndPoint URL from SSL Endpoint plugin.
Make sure to add this in config/environments/production.rb
config.force_ssl = true
It will work then.
I currently have a Let's Encrypt certificate up and running on my root domain, https://www.myapp.com, which is working and serving a Heroku-based Rails app. The domain has a CNAME www to www.myapp.com.herokudns.com.
The site also has a Wordpress install running on www.myapp.com/blog, which forwards to blog.myapp.com using a reverse-proxy described here. The domain has an A record blog pointing at the IP address of the host, a shared hosting server.
I used certbot and have already confirmed the certificate via the ACME challenge. The cert includes both the root and subdomain.
Now I am at a loss as to how to get the subdomain to use the certificate. A visit to https://blog.myapp.com shows the "Your connection is not private" warning in Chrome.
What steps are necessary to get the subdomain cert working? I'm not sure I understand all the moving parts here and where to start. Thanks!
Edit for clarity:
Domain registrar: GoDaddy
Root domain: Heroku Rails app
Subdomain: Wordpress on HostGator
I am trying to set up a CNAME Record from my Namecheap domain to my Heroku app. I understand that Heroku offers a free SSL certificate if you use the default name rather than a custom domain. I am using a default name (example.herokuapp.com).
On Safari, I receive a "untrusted" popup and then it proceeds to load; on Firefox, I receive a connection untrusted:
www.example.com uses an invalid security certificate. The certificate is only valid for the following names: *.herokuapp.com, herokuapp.com (Error code: ssl_error_bad_cert_domain)
And Chrome refuses the connection.
My Namecheap Advanced DNS is set up as follows:
Type | Host | Value | TTL |
CNAME Record | www | example.herokuapp.com | 30 min|
URL Redirect Record | # | http://www.example.com [Masked] | |
heroku domains looks like this:
example Heroku Domain
example.herokuapp.com
example Custom Domains
Domain Name DNS Target
www.example.com example.herokuapp.com
example.com example.herokuapp.com
Is there something I am doing wrong that is causing this problem? My goal is to have the user be able to load the page by going to example.com, www.example.com, http://example.com, http://www.example.com, https://example.com, and https://www.example.com.
Thank you.
As you mentioned, Heroku only allow you to use their free SSL for the default example.herokuapp.com. You have to purchase your own SSL certificate if you want to use https for your own custom domain like example.com or www.example.com