Hello I am currently going through the tutorial below to add ssl to my heroku app
https://gist.github.com/shripadk/552554
so for today, I bought a domain name, set the cname to point to my heroku app
Currently my domain name is working.
I am trying to add ssl security feature to my app so secure.domainname.com works
Following the tutorial
heroku addons:add custom_domains:basic
I got an error
add ons not found
I can't find this add on on heroku as well. but I searched this command through stackoverflow and its suppose to exist?
I got the same error with this command
heroku addons:add ssl:hostname
but it also said adds on not found, later I found this same add on heroku but its with a different command.
This is the part that I don't get on the tutorial
After adding the ssl add on
This will add a $20/month (as of the time of this writing) fee to your Heroku bill for SSL.
VI: Setting up your DNS to work with Heroku Hostname SSL
You should recieve an email from heroku within a few minutes of adding the ssl:hostname addon. You need to add a CNAME record to your DNS that points to the AWS host in the email you receive. This should be pretty self explanatory, but if you have any questions, search for 'adding a CNAME record' in Google and you'll see lots of good guides.
Test that 'host secure.yourdomain.com' outputs 'something.amazonaws.com'. If it does, you're all set.
You should now be able to go to 'https://secure.yourdomain.com' and not see any errors or security warnings.
What is going on behind the scenes
When a user visits your site using 'http://secure.yourdomain.com', they're hitting your GoDaddy CNAME record, which points to an 'something.amazonaws.com' address which effectively routes the request to Heroku's grid, and a secure connection gets established from there following the standard SSL handshake process.
I didn't get an email, neither does appname.herokussl.com exist?
Am I suppose to use Zerigo DNS? for anything, its mentioned once in the top of the tutorial but not anywhere else?
From reading the comments, someone got a problem with the end part as well.
Thanks!
I followed this tutorial for both heroku and for my own server setup and when trying to setup on heroku for the first time I did not do it correctly so I will explain some of the important steps when setting up ssl on heroku.
Use OpenSSL to generate a new self-signed certificate ('host.csr') using the host key we just created. This is what you'll be sending to
GoDaddy to model your new SSL after.
At the step above make sure you fill in the information correctly and also make sure your common name matches your ssl certificate name.
2. Combine 'secure.yourdomain.com.crt' and 'host.key':
You will need to combine your ssl keys. If you're using godaddy there are 2 files included name gd_bundle.crt and secure.yourdomain.com. Upon during the tutorial you will generate about 5-6 files in which you will only use 1.
Remove pass phrase from the public key certificate (required by Heroku)
In order for heroku to read your ssl cert you will need to remove all passwords on the certs so make sure the passwords are removed. There will be two files depending on how you have combined them with the extensions .pem and .key (The updated ones not the ones you started with).
You've most likely added the domain and subdomain so now through the command line run
heroku ssl:add ../ssl-cert/public.pem ../ssl-cert/private.key
Remember get the path of the newly updated files. Also when editing the files and copying over keys make sure there are no white spaces in between keys. Let me know if this helps.
Related
I have my main app (Ruby on Rails) hosted with Heroku, DNS managed by DNSimple. It is served using SSL with a wildcard certificate. myapp.com and www.myapp.com, both work correctly.
The issue starts when I try and direct some subdomains to other services. For example I want blog.myapp.com to point to our instance of Ghost.org. I am also trying to point data.myapp.com to a different heroku app that we use for reporting purposes.
I don't need/want either of these subdomains to use SSL but it seems no matter what I try, that they try and fail to load the HTTPS version.
To be honest I'm confused where this is being triggered from. Where should I be altering the configuration. My Rails App, Heroku, DNSimple, the SSL cert, somewhere else entirely?
I have managed to solve this issue by clearing the browser cache on my machine.
I'm not sure what caused it to force SSL to begin with but the current configuration seems to be now be working.
I'm getting some errors on my rails app that's doing a lot of cross domain stuff, and i'm trying to find a minor fix for this.
Is it possible to have multiple /cable url's inside the production file so that it uses both or whichever works?
example code:
config.web_socket_server_url = ['wss://example.herokuapp.com/cable', 'wss://www.example.com']
i've tried this, but unfortunately it doesn't work.
If you are using two heroku app, you can store the url of you app to a environment variable and reference that variable in you configuration. First in you terminal
heroku config:set -a YOUR_APP_NAME RAILS_HOST="YOUR_APP_URL"
then set the configuration
config.web_socket_server_url="wss://#{ENV['RAILS_HOST']}/cable"
If your second app is not a in-app case, then your should store complete url for both apps and use
config.web_socket_server_url=ENV['RAILS_HOST']
I'm about to rename my Heroku app from the default one that it started with - just some jibberish, really - to something that's a little more sensical. I'm also about to wire it up with a custom domain. Is changing the app name going to cause any problems? I've read the docs and it seems like it'll be okay but wanted to ask to be sure that there weren't any namespace issues, etc. Thanks!
If you have already configured custom domain on Heroku app. And then changed the name of the application on heroku, then you will need to update the required CNAME and A record which are pointing to earlier.herokuapp.com
If you haven't added the custom domain yet, rename the app first, then add the domain.
Good luck
You can use command line also just use below command from your project folder, by below command you no need to point to new from your git. It will automatically update your git too.
heroku apps:rename NEWNAME --app APP
NEWNAME is your new name for your heroku app
APP is old name already existing one.
If you don't know exatly the old name then you can able to view list of names and their addresses by below command
git remote -v
I have developed a RoR app. I would like to update it to handle more than one customer. For instance, one customer might use ame.requestsys.com and another would be slc.requestsys.com.
Currently on Heroku, I have requestsys.com and www.requestsys.com
I was told that I need to have *.requestsys.com --> is that correct?
If yes, why won't Heroku let me add it?
Thanks
From the command line in the directory of your app do:
$ heroku domains:add *.requestsys.com
You can also do it from the heroku dashboard.
Then setup a CNAME in your DNS accordingly to point to yourapp.herokuapp.com
Try this guide for more info: https://devcenter.heroku.com/articles/custom-domains#wildcard-domains.
Basically what you wanna do is a multitenant app, there are a couple railscasts on the subject:
http://railscasts.com/episodes?search=multitenancy
But thats beyond the scope of the question.
I am having trouble with my site with precompiled assets looking nothing like my site with assets served on-the-go. So I figured, I should try things out in production.
Here's the problem, when I do, I get:
!! Invalid request
in my terminal log and in my browser I see
Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.
The graphic designer is not amused at the mess thats up right now, and I'd love to be able to reproduce the problem. Any ideas on how to get past this SSL issue?
The only way that I've ever been able to get sites implementing SSL working on my development box in production mode has been to set up Apache in front of my rails server (Webrick, or whatever). This is kind of a pain to set up, but it works. You should be able to find a guide on how to set it up using your exact configuration with a quick search. Another option would be to enable SSL via a configuration file, instead of by environment, so you could simply disable it regardless of your current environment. This is assuming everything else is actually correct and working...