Heroku SSL "certificate is only valid for the following names: *.herokuapp.com, herokuapp.com"

Posted by benedict_w on Server Fault See other posts from Server Fault or by benedict_w
Published on 2012-11-12T10:52:15Z Indexed on 2012/11/12 11:05 UTC
Read the original article Hit count: 705

Filed under:
|

I'm trying to setup a Geotrust SSL certificate for my Heroku app using the SSL Endpoint addon and the instructions at https://devcenter.heroku.com/articles/ssl-endpoint.

I generated my public key from my private key using:

openssl rsa -in server.orig.key -out server.key

and added to the heroku certs:

heroku certs:add server.crt server.key

Everything seemed to be fine. heroku certs listed the corrected information only with Trusted = false for my certificate.

If I go to https://tokyo-2121.herokussl.com the browser says:

You attempted to reach tokyo-2121.herokussl.com,
but instead you actually reached a server identifying itself as www.mydomain.com.

As expected with the certificate apparently identifying the correct domain, but When I set up the CNAME to the given tokyo-2121.herokussl.com and visit my subdomain the browser says:

www.mydomain.com uses an invalid security certificate.

The certificate is only valid for the following names:
*.herokuapp.com , herokuapp.com

If I run curl -kv https://www.mydomain.com

I get: subjectAltName does not match www.mydomain.com

© Server Fault or respective owner

Related posts about ssl

Related posts about heroku