Using Heroku (with ssl) and namecheap, not sure what exactly should i set to make https://domain work as well and have www.domain redirects to https connection.
Two things:
www.domain works but goes to unsecured connection without https.
http://domain also works and goes into secured connection with https.
Related
My Spring app uses lets encrypt and is https only. I did not include http to https thing, as it worked for me in postman with https:// format
When I deployed to Cloud Run, and mentioned the custom port (the port specified in spring)
and tested using URL from dashboard
https://..blah..run.app
I am getting error/message
Bad Request
This combination of host and port requires TLS.
What configuration is required on Cloud Run to resolve this?
The url as I see on service details page has htpps://...
EDIT:
If Cloudrun does not need me to take case of SSL, I can remove the application properties entries
server.ssl.key-store-type=PKCS12
server.ssl.key-store=classpath:key/keystore.p12
server.ssl.key-store-password=${lets.secret}
server.ssl.key-alias=someCertAlias
server.ssl.enabled=true
So Can I get an answer on whether to remove SSL from spring?
If cloudrun always uses http, all my calls use redirectConnector, which seems pointless
The Cloud Run Service listens on HTTP and HTTPS. Your application running in the container must listen on a port configured with HTTP only.
FYI: For a public facing web server, you should almost always enable HTTP. Otherwise, when a user enters www.example.com in the browser, the user will receive a connect error. This not always the case, for example .dev gTLDs, but is good practice. When a user connects to Cloud Run with the HTTP protocol, Cloud Run will redirect the user to HTTPS and connect to your application using the HTTP protocol.
I am hosting my nodejs app in heroku and my domain name is in OVH.
I managed to create a subdomain www and a CNAME record that points to my heroku app. It is working fine and SSL is also working fine from heroku.
I added a redirection from all subdomains to https://www.mywebsite.com and everything is working fine.
My problem is when i type www.mywebsite.com, there is no redirection and no SSL.
How can i redirect www.mywebsite.com to https://www.mywebsite.com ?
Thanks !
Unfortunately, No.
DNS maps domain names onto IP addresses, that is, it tells the client that example.com points to 12.34.56.78. HTTP vs. HTTPS is a matter of picking a port, and using the right protocol, and this is negotiated directly between client and server; DNS lookup has already happened before that.
If you want to redirect all plain-http traffic to https, you have to do it on the web server, not the DNS server.
In your situation, you could do this in node.js.
There tons of examples online for node's built-in http server or for frameworks like express. I'd recommend this solution.
But there are also solutions like Cloudflare.
They offer you a DNS Service and a proxy, which can handle such HTTP to HTTPS redirection and they even let you use their own SSL Certificate, so you don't need to buy (or let's encrypt) a SSL Certificate on your own, for example.
I purchased a domain (say, example.com) from Google and my Django application (say, mysite.herokuapp.com) runs on Heroku. The CNAME is set on Google to forward the http requests to the Django applicaiton on Heroku. Forwarding requests from http://mysite.example.com to mysite.herokuapp.com works just fine.
Recently, I need to introduce progressive-web-application to my application and it requires the https protocol, instead of http, that is, the URL now has to be https://mysite.example.com and it doesn't work for Google domains. I tried https://mysite.herokuapp.com and it works fine, which means Heroku already supports https. However, I tried (and also googled) for a long time without finding a solution.
So how do I set the Google domain to use https protocol?
The DNS answer from Google cannot contain the port or protocol (http vs. https), it just contains the hostname.
You need to add a redirect from http to https in the Heroku django app, see e.g. here for more instructions.
It's not Google you need to change, it's your Django configuration.
Set SECURE_SSL_REDIRECT to True, and enable the SecurityMiddleware in your app, and any requests should automatically be redirected from HTTP to HTTPS.
When switching to HTTPS you need to add certs to heroku and that process updates the host from "mysite.heroku.com" to something like "tokyo-2121.herokussl.com". You will need to update your DNS to serve HTTPS pages from the new SSL compliant heroku instance for both HTTP and HTTPS.
Here is a tutorial that outlines the process with Godaddy, it should be very similar or all DNS providers.
http://www.joshwright.com/tips/setup-a-godaddy-ssl-certificate-on-heroku
Just got a solution from one of Heroku's engineers:
1) Upgrade the Heroku app to a paid one (e.g., Hobby)
2) On the DNS provider's settings, set the DNS target to <app_name>.<domain>.herokudns.com (e.g., "mysite.example.com.herokudns.com")
3) Run $ heroku certs:auto:refresh -a <app_name> (e.g., $ heroku certs:auto:refresh -a mysite)
I'm not sure if this is the same problem that you ran into, but when forwarding from https://example.com to my wix subdomain https://learn.example.com, I got a "No resource with given identifier found" error in the browser. Forwarding from http://example.com to https://learn.example.com was working just fine.
I had to open Google Domains' advanced forwarding options for my forwarding rule and enable SSL forwarding, like so:
I have recently got an SSL certificate on my website, on the apache server that I am using to host my website. The website says "Secure" and also works fine when I run it over localhost using the laptops ip address 192.168.*.**. But when I try to port forward this website over the port 443, it somehow says unsecure and your connection is not private. Any help here will be appreciated.
It sounds like you are using a self-signed certificate for your https connection. While modern browsers such as chrome give you errors saying the connection is unsecure and perhaps you even see red lines crossing out the https at the beginning of your url, there is no need to worry. If you are getting your page to render with these characteristics all is working, the reason for the errors is because the certificate is signed only for you.
In a real world production scenario you would have to use a third party service for a public capable certificate. However for your own development purposes, as long as the page runs with https there all is working as it is intended to.
For more try reading this article.
I'm experiencing a 503 error with heroku on my project using WebSockets and a custom domain.
Connecting on http://www.mydomain.com (That point with CNAME on my heroku app)
WebSocket connection to 'ws://www.mydomain.com/shoutbox' failed: Error during WebSocket handshake: Unexpected response code: 503
Connecting on http://myapp.herokuapp.com
Everything goes allright with adress ws://myapp.herokuapp.com/shoutbox. Everything is also good in my local setup.
Is there any cross-domain issue I'm not aware off ? I'm using play!2 as server side fwk, but I don't think there is any relation to this problem.
[EDIT]
If I can only connect within my own domain then it would be fine. Cause this would be the address I'd like people to use.
I'm assuming you already enabled heroku labs:enable websockets since your herokuapp domain is working properly.
I have a hunch your DNS query is hitting a Heroku endpoint that doesn't support websockets, i.e. it's cached from before you enabled the websockets functionality.
If this behavior only happens on a single client, try flushing your DNS cache and trying again. Alternatively, make sure the DNS records for both of your domains are resolving to the same IP.