I'm not very learned on ssl and certs in general as I have only recently started "really" working with them and understanding them. I have an issue.
I'm shipping a library for android which connects to a specific domain "derp.com". Each of my customers get a subdomain to access with the library. EG "customer.derpy.com"
So working with https on android can be a pain but its not the end of the world. I'm having issues where my cert isnt being trusted by all of the devices using the https of the server. I suspect this is why:
heroku certs --app my-app
Endpoint Common Name(s) Expires Trusted
------------------------ ---------------------------- -------------------- -------
cdepy412532.herokussl.com *.derp.com, derp.com 2013-04-05 22:36 UTC False
The certificate is being marked as untrusted. I suspect this is the cause of the issue as the devices are complaining that they cant verify the certificate. Why would this be?
The certificate is issued by a ca. I think its either rapidssl or geotrust.
Heroku SSL is a free feature that allows for the managing of SSL/TLS encryption for custom domains and relies on the Server Name Indication (SNI). Please note that Heroku SSL is currently available under Heroku paid plans only.
The most common cause of a "certificate not trusted" error is that the certificate installation was not properly completed on the server (or servers) hosting the site. Use our SSL Certificate tester to check for this issue. In the tester, an incomplete installation shows one certificate file and a broken red chain.
react-boilerplate can enforce https(redirect http to https) on heroku deployed apps(that has extra layer like cloudflare). var sslRedirect = require('heroku-ssl-redirect');const app = express();app. use(sslRedirect()); Now you get all connection to be on https.
Manually Upload CertificatesUse the certs:add Heroku CLI command to add a certificate and private key. It prompts for the custom domain with which to associate the certificate-key pair. $ heroku certs:add server. crt server.
I do hate answering my own question and would rather delete it but this may help someone else.
The issue in my case is that I had forgotten to combine the intermediate cert with the root cert.
This tutorial by Ryan McGeary was a great help.
My only advice is make sure you have the intermediary certs (pem or crt), root certs(pem or crt) and private key(key) from your boss or whoever received them. If you do not have all of these then you will get an untrusted cert on heroku.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With