stackoom
  简体   繁体   中英

SSL Certificate from RapidSSL with Heroku and CloudFront

 原文  2016-11-29 14:35:53       ruby-on-rails/ ssl/ heroku/ ssl-certificate/ amazon-cloudfront

Question

I missed the end date of my SSL certificate few days ago but I did buy the renew last month. My app runs with Ruby on Rails using Heroku and CloudFront for the assets . My SSL certificate come from RapidSSL .

Here is the process I did:

  • I got the RapiddSSL key by email that i store in a crt file
  • I ran the Heroku command line heroku certs:update cert.crt server.key -- app remote production

The command line heroku certs --app remote production results with a trusted status but when I open the URL browsers warns about that untrusted certificate.

At the same time none of application assets stored on CloudFront are available ( net::ERR_INSECURE_RESPONSE ). I asked for help on Heroku assistance, they told me that the SSL certificate for the app is OK but it's seems to need an update for assets certificate.

So I went to AWS consol e in aim to find CloudFront SSL configuration , I ended on ACM console page to give the RapidSSL certificate to resolve the problem but I cannot be sure to take the right files to do this.

What I need is to solve the access to the website and to the associated assets to ensure trust of my customers. What did I wrong? Am I missing something ?

Thanks for any help you can provide!

2 answers

solution1
 0  

Generally net::ERR_INSECURE_RESPONSE error occurres in SSL certificate when the browser found the mixed content warning. Which simply means few of your content is active with HTTP and others are active with HTTPS.

Please check your content portion, if you find any content which is active with HTTP, turn in into HTTPS.

solution2
 0  2016-12-01 07:37:04

It sounds like maybe the issue might be an outdated certificate on CloudFront.

If so, you can either upload your RapidSSL certificate using aws iam upload-server-certificate, or (I'd prefer) request a new certificate that you'll only use with CloudFront from AWS Certificate Manager. The latter is free, and AWS will autoupdate the certificate before it expires.

You can start this simple and quick process by going to your CloudFront distribution in AWS Console, and clicking Edit > Request or Import a Certificate with ACM

Once that is done, you will be able to choose the certificate from the Custom Certificate dropdown at the same location (screenshot) .

Note: If you upload your RapidSSL certificate, it must be uploaded to eu-east-1 (N. Virginia) in order to be used with CloudFront. Requesting ACM Certificates must also be done in this region

If you provide an URL to your website, it's easier to confirm this issue.

I scribbled some notes on this here with more details on uploading your own/RapidSSL certificate.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Add ssl certificate on heroku Heroku SSL security certificate not working: CNAME from Namecheap domain SSL Certificate WPEngine to Heroku Rails Free SSL security certificate on Heroku? Heroku SSL Certificate does not include cname Heroku SSL certificate for controlled group of users How should I refer to my SSL certificate in Heroku from my puma.rb? How do I set an SSL certificate for Resque on Heroku? Rails, DNSimple, Heroku and SSL - do I need a certificate? How do you install a LetsEncrypt SSL Certificate on Heroku
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM