Heroku SSL终端故障 [英] Trouble with Heroku SSL Endpoint

问题描述

我试图向Heroku添加SSL证书。该证书是从Network Solutions购买的。我经历了所有的步骤并创建了一个.csr文件，将该文件上传到NetworkSolutions，下载了他们的.crt文件（MYSITE.crt，AddTrustExternalCARoot.crt，NetworkSolutionsDVServerCA.crt），然后将站点cert&中间证书（AddTrustExternalCARoot.crt）捆绑。当我尝试添加我生成的Heroku的final.crt文件时，我得到：

 ！到期不能为空
！ Pem无效
  

使用预览我可以清楚地看到无效之后设置，所以我不是真的很确定这里发生了什么。

为了证明它的价值，我也尝试将NetworkSolutionsDVServerCA.crt与MYSITE.CRT&所有这些都是没有运气的。

这种事情不是我的强项（我敢肯定，你可以说），所以很可能我失踪了但如果你对这可能是什么有任何想法，我将不胜感激。

谢谢

解决方案

今天我面临同样的问题。

以下是我遵循的步骤来解决这个问题。

1. 按照以下顺序（从站点
   证书到根证书）合并证书文件到.crt或.pem文件中。让我们假设你将它命名为 Mysite_combined.crt 。

   
   
   

   MySite.crt，NetworkSolutionsDVServerCA.crt，AddTrustExternalCARoot.crt <打开Mysite_combined.crt文件的内容将看起来像

     ----- BEGIN CERTIFICATE ----- 
    .. 
    ----- END CERTIFICATE ---------- BEGIN CERTIFICATE ----- 
    .. 
    ----- END CERTIFICATE ---------- BEGIN CERTIFICATE ----- 
     

现在，在每个证书之间插入换行符。确保编辑文件中没有空白或空白行。内容现在应该如下所示：

  ----- BEGIN CERTIFICATE ----- 
 .. 
 ----- END CERTIFICATE ----- 
 ----- BEGIN CERTIFICATE ----- 
 .. 
 ----- END CERTIFICATE --- -  
 ----- BEGIN CERTIFICATE ----- 
  

1. 现在使用命令将证书添加到Heroku中。
   $ b

   heroku certs：add Mysite_combined.crt Mysite.key

注意：由于网络解决方案证书没有密码，您可以忽略在heroku站点中删除密码的步骤。如果您使用具有密码的密钥，请参阅本文详细介绍如何为heroku设置SSL。无论如何，您都应该执行上述第2步。

I am trying to add an SSL cert to Heroku. The cert was purchased from Network Solutions. I went through all of the steps and created a .csr file, uploaded that file to NetworkSolutions, downloaded their bundle of .crt files (MYSITE.crt, AddTrustExternalCARoot.crt, NetworkSolutionsDVServerCA.crt) and then combined the site cert & the intermediate certificate (AddTrustExternalCARoot.crt) bundles. When I try and add the final.crt file I produce to Heroku I get:

!    Expires at can't be blank
!    Pem is invalid

Using Preview I can clearly see that "Not Valid After" is set so I am not really sure what is going on here.

For what its worth I also tried combining NetworkSolutionsDVServerCA.crt with MYSITE.CRT & also combining all 3. All with no luck.

This kind of thing isn't my strong point (I am sure you can tell) so its very possible I am missing something but if you have any ideas on what it might be I would appreciate it.

Thanks

解决方案

I faced the same problem today.

Below are the steps I followed to fix it.

1. Combine the certificate files in the below order (from the site certificate to root certificate) into a .crt or .pem file. Lets assume you name it Mysite_combined.crt.

   MySite.crt, NetworkSolutionsDVServerCA.crt, AddTrustExternalCARoot.crt

2. Open Mysite_combined.crt the content of the file will look like

   -----BEGIN CERTIFICATE-----
   ..
   -----END CERTIFICATE----------BEGIN CERTIFICATE-----
   ..
   -----END CERTIFICATE----------BEGIN CERTIFICATE-----
   

Now, Insert line feed between each certificate. Make sure there is no white space or blank line in the edited file. The content should now look like

-----BEGIN CERTIFICATE-----
..
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
..
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----

1. Now add the certificate to Heroku using the command

   heroku certs:add Mysite_combined.crt Mysite.key

Note: Since Network solution certificate does not have a pass code, you can ignore the steps to remove pass code in heroku site. If you use a key which has pass code refer to this article which details how to setup the SSL for heroku. You should do the step 2 above in any case.

这篇关于Heroku SSL终端故障的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！