Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Heroku ACM https only works on herokuapp

Tags:

ssl

heroku

lets-encrypt

I have a React app running on a professional Heroku dyno. It has a custom domain with naked redirect, registered via GoDaddy.

Based on the Heroku instructions and other StackOverflow posts I've read, I thought I had everything configured properly. And indeed when I go to https://www.myapp.herokuapp.com I get the correct behavior. However, when I go to https://www.mywebsite.com, I still get:

Your connection is not private. Attackers might be trying to steal your information.

heroku domains is:

=== myapp Heroku Domain
myapp.herokuapp.com

=== myapp Custom Domains
Domain Name        DNS Record Type DNS Target                                              
www.mywebsite.com CNAME           xxx-yyy-1234567.herokudns.com

That DNS address is what I've set my CNAME in GoDaddy to point to:

CNAME   www xxx-yyy-1234567.herokudns.com   1 Hour

heroku certs is:

Name                Common Name(s)      Expires               Trusted  Type
──────────────────  ──────────────────  ────────────────────  ───────  ────
tyrannosaurs-66282  www.mywebsite.com  2020-08-15 10:32 UTC  True     ACM

Finally, my heroku certs:auto is:

=== Automatic Certificate Management is enabled on myapp

Certificate details:
Common Name(s): www.mywebsite.com
Expires At:     2020-08-15 10:32 UTC
Issuer:         /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
Starts At:      2020-05-17 10:32 UTC
Subject:        /CN=www.mywebsite.com
SSL certificate is verified by a root authority.

Domain              Status
──────────────────  ───────────
www.mywebsite.com  Cert issued

From what I can tell, everything is set up correctly. What am I missing?

One thing that could potentially be an issue: I originally tried to set up SSL manually by registering my site on Let's Encrypt. But stopped and switched to ACM after Heroku kept redirecting to va-acm, preventing confirmation.

like image 612
Andrew Latham Avatar asked Sep 20 '25 01:09

Andrew Latham

1 Answers

Never mind, it did work, just takes a while to propagate. Leaving this Q up as a reference point so folks know what the correct configuration is.

Also, https always works for herokupapp. Has nothing to do with your ACM/DNS configuration.

like image 113
Andrew Latham Avatar answered Sep 23 '25 12:09

Andrew Latham
Sign in to Comment

Related questions

GitLab default url not secure

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!