stackoom
  简体   繁体   中英

Heroku SSL error: key doesn't match PEM certificate

 原文  2011-08-03 18:04:15       ssl/ heroku

Question

I am trying to generate a self-signed certificate using the instructions that Heroku suggests here: http://www.akadia.com/services/ssh_test_certificate.html

This creates sever.key and server.crt.

I then try to add them to heroku using the following command:

heroku ssl:add server.crt server.key and I get the following error

Domain name not found. Make sure the domain mycorrectdomain.heroku.com is added to your Heroku app / Key doesn't match the PEM certificate

Here is the contents of the server.crt file: 

-----BEGIN CERTIFICATE-----
MIICvTCCAiYCCQDyHGnBdtovbzANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMC
VVMxCzAJBgNVBAgMAkNBMRIwEAYDVQQHDAlQYWxvIEFsdG8xEzARBgNVBAoMClR1
dG9yQ2xvdWQxETAPBgNVBAsMCFNvZnR3YXJlMSMwIQYDVQQDDBp0ZXN0LXR1dG9y
Y2xvdWQuaGVyb2t1LmNvbTElMCMGCSqGSIb3DQEJARYWYmxhaXJAbXl0dXRvcmNs
b3VkLmNvbTAeFw0xMTA4MDMxNzQ4NDdaFw0xMjA4MDIxNzQ4NDdaMIGiMQswCQYD
VQQGEwJVUzELMAkGA1UECAwCQ0ExEjAQBgNVBAcMCVBhbG8gQWx0bzETMBEGA1UE
CgwKVHV0b3JDbG91ZDERMA8GA1UECwwIU29mdHdhcmUxIzAhBgNVBAMMGnRlc3Qt
dHV0b3JjbG91ZC5oZXJva3UuY29tMSUwIwYJKoZIhvcNAQkBFhZibGFpckBteXR1
dG9yY2xvdWQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqWEjXRDo0
CBzoIqnpzPN6Ussf476JDX+9uCkpaSyR6Oxarjpc55lw+Mnb9UNiBWPS6JJ/Hq2c
CgkGD9uu11OXRCRvsZeyJjd2YT1B+XZsXrKZVj2C2dj1r6DXzAV2G5EwWJDklaH3
x1uA+muPt7NZ4Dz2WNv9FMyicTTCdMhWlwIDAQABMA0GCSqGSIb3DQEBBQUAA4GB
AJYAgjiHyUxyeFRR2nJ3CLanjNtkzVz+Dk7pdu/p0P35YpYhE95q76xgcOFasWe2
+pUwxTjtQvhc0BRHjohSjiF8+ZFLRfsPq9kmh55AFzDj7V8dzUek4yVyZRtcIdNQ
Gx8I5g8vJClLnHbYQlaCupVIxVZqnp7SKeeshduCsJ/8
-----END CERTIFICATE-----

Any ideas?

2 answers

solution1
 6 ACCPTED  2011-08-24 16:05:01

Just in case others are getting this error - I was getting the same error setting up a test hostname SSL certificate for my app.

The answer was that I had not added the domain name the certificate was for first - it does not explicity say this in the Heroku SSL docs. So before adding the cert do: 

heroku domains:add secure.mydomain.com

and then you can add the certificate: 

heroku ssl:add ssl.crt ssl.key

solution2
 3  2011-08-03 18:10:03

Have you added the SSL addon on your heroku app setting?

Also, you shouldn't be posting your private key online since it's supposed to be... well... private.

I suggest you generate a new key pair for your app.

EDIT:

You mentioned that you enabled the piggyback SSL, in which case, you don't need to generate your own keys. See this :

An app specific SSL certificate is not required for Piggyback SSL. The *.heroku.com wildcard SSL certificate is used for all apps. You can view information about this certificate by visiting https://heroku.com/ and clicking the lock icon in your browser.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question SSL/TLS certificate management (key, crt, and pem) Private Key doesn't Match Certificate SSL Certificate issue: CN entry doesn't match with hostname in URL SSL Library Error (key values mismatch), but the certificate files DO match KAFKA SSL connectivity using pem key and client certificate SSL Certification Error > hostname doesn't match GCP SSL Certificate Installation Error "The Certificate data is invalid. Please ensure that the private key and public certificate match Reissued SSL certificate but doesn't have .key file can't install SSL pem certificate android 10 where should we put key.pem and certificate.pem file for SSL?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM