堆栈内存溢出
  简体   繁体   English

将 PointDNS 用于非 www 并处理 SSL

[英]Using PointDNS for non-www and handling SSL

 原文  2018-07-16 18:31:54       ruby-on-rails/ ssl/ heroku/ dns/ subdomain

问题描述

I've been using Heroku to host my app (www.justbooked.com) and godaddy is where the domain is stored.我一直在使用 Heroku 来托管我的应用程序 (www.justbooked.com),godaddy 是存储域的地方。 For some reason, recently the non-www version eg justbooked.com is no longer working.出于某种原因,最近非 www 版本(例如 justbooked.com)不再有效。

It seems like GoDaddy doesn't provide ANAME / ALIAS or other CNAME-style functionality for root-level domains (example.com). GoDaddy 似乎没有为根级域 (example.com) 提供 ANAME / ALIAS 或其他 CNAME 样式的功能。

I would like to know how I can get justbooked.com to work like www.justbooked.com.我想知道如何让 justbooked.com 像 www.justbooked.com 一样工作。 Is this possible with Godaddy in any other way? Godaddy 是否可以通过其他方式实现这一点? Bare in mind, I have SSL certs etc...请记住,我有 SSL 证书等...

If this is not possible with GoDaddy, then using something like PointDNS may work, but I'm still not sure how to configure PointDNS with my existing SSL cert.如果 GoDaddy 无法做到这一点,那么使用 PointDNS 之类的东西可能会起作用,但我仍然不确定如何使用我现有的 SSL 证书配置 PointDNS。

Any help here would be great, goal is to get justbooked.com (non-www) working!!!这里的任何帮助都会很棒,目标是让 justbooked.com(非 www)工作!!!

Thanks!谢谢!

2 个解决方案

解决方案1
 2  2020-06-08 13:16:48

I guess your problem might already be solved by now, but for the sake of helping people like you and me in the past (found this topic 4 weeks ago when I had the same problem), I'm writing a step-by-step tutorial on how to get PointDNS working for www and non-www domains on HTTPS.我想你的问题现在可能已经解决了,但为了帮助像你我这样的人过去(4周前我遇到同样的问题时发现了这个话题),我正在写一个循序渐进的关于如何让 PointDNS 在 HTTPS 上为 www 和非 www 域工作的教程。 Read all steps, including the notes, before starting.在开始之前阅读所有步骤,包括注释。

  1. Create an add-on for PointDNS in your project by the Heroku's UI or by using the CLI command: heroku addons:create pointdns:developer通过 Heroku 的 UI 或使用 CLI 命令在您的项目中为 PointDNS 创建一个附加组件: heroku addons:create pointdns:developer
  2. Open the Heroku's UI and enter the PointDNS dashboard.打开 Heroku 的 UI 并进入 PointDNS 仪表板。 Look for the "Nameserver" tab and check out the list of nameservers.查找“名称服务器”选项卡并查看名称服务器列表。 Look for the ones that fit the most to you.寻找最适合您的。
  3. Copy the recommended number of nameservers (no more, no fewer), go to the place where you bought the domain (in your case GoDaddy) and edit the DNS servers to point for PointDNS.复制推荐数量的域名服务器(不多也不少),转到您购买域名的地方(在您的情况下为 GoDaddy)并编辑 DNS 服务器以指向 PointDNS。 Wait for at least 2 hours for these changes to take effect.等待至少 2 小时以使这些更改生效。
  4. Add both your www and non-www domains to Heroku custom domains list, either via Heroku's UI or using the CLI commands: heroku domains:add justbooked.com and heroku domains:add www.justbooked.com通过 Heroku 的 UI 或使用 CLI 命令,将您的 www 和非 www 域添加到 Heroku 自定义域列表中: heroku domains:add justbooked.comheroku domains:add www.justbooked.com
  5. Copy both DNS targets that appear by each domain (the one ending with .herokudns.com ).复制每个域出现的两个 DNS 目标(以.herokudns.com结尾的.herokudns.com )。 You can check the DNS targets either by the Heroku's UI or by using the CLI command: heroku domains您可以通过 Heroku 的 UI 或使用 CLI 命令来检查 DNS 目标: heroku domains
  6. Go to the PointDNS dashboard and add an ALIAS record for the root domain (non-www) and a CNAME record for the www domain;转到 PointDNS 仪表板,为根域(非 www)添加 ALIAS 记录,为 www 域添加 CNAME 记录; on each one, add the correspondent DNS target that you copied in the previous step.在每个目标上,添加您在上一步中复制的对应 DNS 目标。 Maybe the records for these 2 domains were created automatically when you added the PointDNS add-on;也许这两个域的记录是在您添加 PointDNS 附加组件时自动创建的; in that case just edit the DNS targets.在这种情况下,只需编辑 DNS 目标。
  7. Wait for 1 hour more and then Heroku will automatically set an SSL certificate for you using ACM (Automated Certificate Management).再等待 1 小时,然后 Heroku 将使用 ACM(自动证书管理)为您自动设置 SSL 证书。 If everything went right, you should have both domains working on HTTPS protocol now.如果一切顺利,您现在应该让两个域都使用 HTTPS 协议。

Notes:笔记:

  1. If you have more than 1 Heroku app using the same git codebase, you'll need to use the --app flag in the Heroku CLI commands.如果您有 1 个以上的 Heroku 应用程序使用相同的 git 代码库,则需要在 Heroku CLI 命令中使用--app标志。
  2. You said you have an existing SSL certificate.你说你有一个现有的 SSL 证书。 If you want to use that instead of the one given by the ACM, you'll need to set up a SSL endpoint.如果您想使用它而不是 ACM 提供的那个,您需要设置一个 SSL 端点。 To do that, before step 4 , create one by using the CLI command: heroku addons:create ssl:endpoint .为此,在第 4 步之前,使用 CLI 命令创建一个: heroku addons:create ssl:endpoint After that, upload your certificate using the command: heroku certs:add server.crt server.key --type endpoint .之后,使用以下命令上传您的证书: heroku certs:add server.crt server.key --type endpoint In step 5 , instead of the heroku domains command, use heroku certs .在第 5 步中,使用heroku certs代替heroku domains命令。 Use the endpoint DNS target (the one ending in .ssl.herokudns.com ) in step 6 .在步骤 6 中使用端点 DNS 目标(以.ssl.herokudns.com结尾的.ssl.herokudns.com )。
  3. Once you set up the domains and SSL certificates, you might also want to redirect all HTTP traffic to HTTPS.设置域和 SSL 证书后,您可能还想将所有 HTTP 流量重定向到 HTTPS。 You can only do that by coding the redirect logic into your application.您只能通过将重定向逻辑编码到您的应用程序中来做到这一点。 In the case of Ruby on Rails, you'll need to use config.force_ssl = true in your config/environments/production.rb or similar.对于 Ruby on Rails,您需要在config/environments/production.rb或类似文件中使用config.force_ssl = true
  4. You might see a lot of tutorials using the .herokuapp.com link instead of the .herokudns.com one as the DNS target in PointDNS.您可能会看到很多教程使用.herokuapp.com链接而不是.herokudns.com作为.herokudns.com中的 DNS 目标。 This might work for HTTP traffic, but your HTTPS sessions will fail.这可能适用于 HTTP 流量,但您的 HTTPS 会话将失败。 Use the .herokudns.com even if you're only using HTTP (maybe you're using the free hosting plan), because it'll be easier to set up HTTPS later.即使您只使用 HTTP(也许您使用的是免费托管计划),也请使用.herokudns.com ,因为稍后设置 HTTPS 会更容易。

References:参考:

  1. Heroku Dev Center: Custom Domain Names for Apps Heroku 开发中心:应用程序的自定义域名
  2. Heroku Dev Center: SSL Endpoint Heroku 开发中心:SSL 端点
  3. Heroku Help: Can Heroku force an application to use SSL/TLS? Heroku 帮助:Heroku 可以强制应用程序使用 SSL/TLS 吗?
  4. Heroku Dev Center: PointDNS (a bit outdated, but can be a good resource) Heroku 开发中心:PointDNS (有点过时,但可以作为一个很好的资源)

解决方案2
 0  2019-04-22 12:10:47

While pointing any website via pointdns you can use 2 ways , one is via cname and other is using service like pointDNS.通过pointdns指向任何网站时,您可以使用两种方式,一种是通过cname,另一种是使用pointDNS之类的服务。 If you want to run SSL specially on naked domain like justbooked.com in your case you need to you pointDNS here如果您想在像 justbooked.com 这样的裸域上专门运行 SSL,您需要在此处指向 DNS

PointDNS configuration is quite easy as you just need to add dns records from godaddy to pointDNS PointDNS 配置非常简单,因为您只需要将来自godaddy 的 dns 记录添加到 pointDNS

For SSL , either you can use ACM or add your own certificate in heroku setting.ACM uses let's encrypt SSL which is free but doesnot allow wildcard SSL.对于 SSL ,您可以使用 ACM 或在 heroku 设置中添加您自己的证书。ACM 使用让我们加密 SSL,它是免费的,但不允许通配符 SSL。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用SSL将www重定向到Nginx上的非www会提供重定向循环 - Redirect www to non-www on Nginx with SSL gives redirect loop 使用Rails 3.0.10的SSL重定向从非www到www和http到https - SSL Redirection with Rails 3.0.10 from non-www to www and http to https Apache + Passenger非www到www =>重定向太多 - Apache + Passenger non-www to www => too many redirects 使用正确的URL参数将非www重定向到www - redirect non-www to www with correct URL params Ruby on Rails重定向www。 到非www版本的网站 - Ruby on Rails redirecting www. to non-www version of site 将非 www 请求重定向到 Ruby on Rails 中的 www URL - Redirect non-www requests to www URLs in Ruby on Rails Nginx HTTPS问题从www重定向到非www - Nginx HTTPS issue to redirect from www to non-www WWW和非WWW URL。 两个不同的网站? - WWW and non-WWW URL. Two different sites? www 和非 www 版本的应用程序的不同会话 - different sessions for www and non-www versions of app 将我的域从 www 更改为非 www,现在不再创建我的 cookie - Changed my domain from www to non-www, and now my cookies are no longer being created
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM