堆栈内存溢出
  简体   繁体   English

Heroku SSL错误:密钥与PEM证书不匹配

[英]Heroku SSL error: key doesn't match PEM certificate

 原文  2011-08-03 18:04:15       ssl/ heroku

问题描述

I am trying to generate a self-signed certificate using the instructions that Heroku suggests here: http://www.akadia.com/services/ssh_test_certificate.html 我正在尝试使用Heroku在此建议的说明生成自签名证书: http//www.akadia.com/services/ssh_test_certificate.html

This creates sever.key and server.crt. 这将创建sever.key和server.crt。

I then try to add them to heroku using the following command: 然后我尝试使用以下命令将它们添加到heroku:

heroku ssl:add server.crt server.key and I get the following error heroku ssl:添加server.crt server.key,我收到以下错误

Domain name not found. 找不到域名。 Make sure the domain mycorrectdomain.heroku.com is added to your Heroku app / Key doesn't match the PEM certificate 确保将mycorrectdomain.heroku.com域添加到您的Heroku app / Key与PEM证书不匹配

Here is the contents of the server.crt file: 这是server.crt文件的内容: 

-----BEGIN CERTIFICATE-----
MIICvTCCAiYCCQDyHGnBdtovbzANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMC
VVMxCzAJBgNVBAgMAkNBMRIwEAYDVQQHDAlQYWxvIEFsdG8xEzARBgNVBAoMClR1
dG9yQ2xvdWQxETAPBgNVBAsMCFNvZnR3YXJlMSMwIQYDVQQDDBp0ZXN0LXR1dG9y
Y2xvdWQuaGVyb2t1LmNvbTElMCMGCSqGSIb3DQEJARYWYmxhaXJAbXl0dXRvcmNs
b3VkLmNvbTAeFw0xMTA4MDMxNzQ4NDdaFw0xMjA4MDIxNzQ4NDdaMIGiMQswCQYD
VQQGEwJVUzELMAkGA1UECAwCQ0ExEjAQBgNVBAcMCVBhbG8gQWx0bzETMBEGA1UE
CgwKVHV0b3JDbG91ZDERMA8GA1UECwwIU29mdHdhcmUxIzAhBgNVBAMMGnRlc3Qt
dHV0b3JjbG91ZC5oZXJva3UuY29tMSUwIwYJKoZIhvcNAQkBFhZibGFpckBteXR1
dG9yY2xvdWQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqWEjXRDo0
CBzoIqnpzPN6Ussf476JDX+9uCkpaSyR6Oxarjpc55lw+Mnb9UNiBWPS6JJ/Hq2c
CgkGD9uu11OXRCRvsZeyJjd2YT1B+XZsXrKZVj2C2dj1r6DXzAV2G5EwWJDklaH3
x1uA+muPt7NZ4Dz2WNv9FMyicTTCdMhWlwIDAQABMA0GCSqGSIb3DQEBBQUAA4GB
AJYAgjiHyUxyeFRR2nJ3CLanjNtkzVz+Dk7pdu/p0P35YpYhE95q76xgcOFasWe2
+pUwxTjtQvhc0BRHjohSjiF8+ZFLRfsPq9kmh55AFzDj7V8dzUek4yVyZRtcIdNQ
Gx8I5g8vJClLnHbYQlaCupVIxVZqnp7SKeeshduCsJ/8
-----END CERTIFICATE-----

Any ideas? 有任何想法吗?

2 个解决方案

解决方案1
 6 已采纳  2011-08-24 16:05:01

Just in case others are getting this error - I was getting the same error setting up a test hostname SSL certificate for my app. 以防万一其他人收到此错误 - 我为我的应用程序设置测试主机名SSL证书时遇到了同样的错误。

The answer was that I had not added the domain name the certificate was for first - it does not explicity say this in the Heroku SSL docs. 答案是我没有首先添加证书的域名 - 它没有明确说明在Heroku SSL文档中。 So before adding the cert do: 所以在添加证书之前: 

heroku domains:add secure.mydomain.com

and then you can add the certificate: 然后你可以添加证书: 

heroku ssl:add ssl.crt ssl.key

解决方案2
 3  2011-08-03 18:10:03

Have you added the SSL addon on your heroku app setting? 您是否在heroku应用程序设置中添加了SSL插件

Also, you shouldn't be posting your private key online since it's supposed to be... well... private. 此外,你不应该在网上发布你的私钥,因为它应该是......好吧......私密。

I suggest you generate a new key pair for your app. 我建议你为你的应用生成一个新的密钥对。

EDIT: 编辑:

You mentioned that you enabled the piggyback SSL, in which case, you don't need to generate your own keys. 您提到您启用了搭载SSL,在这种情况下,您不需要生成自己的密钥。 See this : 看到这个

An app specific SSL certificate is not required for Piggyback SSL. Piggyback SSL不需要特定于应用程序的SSL证书。 The *.heroku.com wildcard SSL certificate is used for all apps. * .heroku.com通配符SSL证书用于所有应用程序。 You can view information about this certificate by visiting https://heroku.com/ and clicking the lock icon in your browser. 您可以访问https://heroku.com/并单击浏览器中的锁定图标来查看有关此证书的信息。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 SSL/TLS 证书管理(密钥、crt 和 pem) - SSL/TLS certificate management (key, crt, and pem) 私钥与证书不匹配 - Private Key doesn't Match Certificate SSL证书问题:CN条目与URL中的主机名不匹配 - SSL Certificate issue: CN entry doesn't match with hostname in URL SSL库错误(密钥值不匹配),但是证书文件确实匹配 - SSL Library Error (key values mismatch), but the certificate files DO match KAFKA SSL 使用 pem 密钥和客户端证书连接 - KAFKA SSL connectivity using pem key and client certificate SSL认证错误>主机名不匹配 - SSL Certification Error > hostname doesn't match GCP SSL 证书安装错误“证书数据无效。请确保私钥和公共证书匹配 - GCP SSL Certificate Installation Error "The Certificate data is invalid. Please ensure that the private key and public certificate match 重新颁发 SSL 证书但没有 .key 文件 - Reissued SSL certificate but doesn't have .key file 无法安装 SSL pem 证书 android 10 - can't install SSL pem certificate android 10 我们应该将 SSL 的 key.pem 和 certificate.pem 文件放在哪里? - where should we put key.pem and certificate.pem file for SSL?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM