-1

I have posted the question on stackoverflow. Someone was kind enough to down-vote and advised to post in here. I'm hoping i'm in the right place.

I have followed instructions on the following 2 sites to purchase, sign and configure and my site first warns about SSL and then shows "Application Error" screen. Obviously I have missed some thing critical but I cannot figure it out.

  1. First: https://gist.github.com/shripadk/552554
  2. Second https://devcenter.heroku.com/articles/ssl-endpoint

I have purchased SSL-Endpoint and Zerigo DNS Add-Ons.

On Heroku i have the following listed under Domains for my app:

  • mydomain.herokuapp.com
  • secure.mydomain.com
  • www.mydomain.com

On Zerigo DNS I have following configuration

  • Host: secure.mydomain.com CNAME: proxy.heroku.com
  • Host: www.mydomain.com CNAME: proxy.heroku.com

On GoDaddy Nameservers:

  • A.NS.ZERIGO.NET
  • B.NS.ZERIGO.NET
  • C.NS.ZERIGO.NET
  • D.NS.ZERIGO.NET
  • E.NS.ZERIGO.NET

CNAME (Alias): www Points To: something-2097.herokussl.com (output from heroku:certs command)

Not sure where to go from here and how to get this fixed. Any direction is much appreciated.

SaneSam
  • 1
  • 2

1 Answers1

1

my site first warns about SSL and then shows "Application Error" screen.

There are several possible interpretations of this error. I believe you mean the error caused by the Hostname mismatch.

On Zerigo DNS I have following configuration

Host: secure.mydomain.com CNAME: proxy.heroku.com Host: www.mydomain.com CNAME: proxy.heroku.com

That's the origin of the error. Your domains must point to the Heroku SSL endpoint (something-2097.herokussl.com), not the generic proxy endpoint. Moreover, keep in mind that the proxy endpoint has been deprecated in favor of the yourapp.herokuapp.com endpoint.

Change the DNS for your records to point to the SSL endpoint.

Simone Carletti
  • 1,494
  • 3
  • 15
  • 30
  • Simone, Thank you for the response. I made changes as you have suggested. The site is showing up now but still has SSL Warning. Under Technical Details it says "www.mydomain.com uses an invalid security certificate. The certificate is only valid for the following names: secure.mydomain.com , www.secure.mydomain.com". Please let me know if you have any suggestions or does this need to be a new post? – SaneSam Jan 19 '14 at 03:09
  • It means you purchased the certificate for the hostname `secure.mydomain.com` and you are trying to use it for `www.mydomain.com`. A certificate is valid only for the purchased hostname. For multiple hostnames under the same domain, you need to purchase a wildcard certificate. – Simone Carletti Jan 19 '14 at 11:41