Created
November 3, 2012 10:40
-
-
Save gentamura/4006976 to your computer and use it in GitHub Desktop.
Herokuの本番環境にRailsでSSL(https)を導入する方法 ref: http://qiita.com/items/7a12ca611705017bcb0e
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ openssl genrsa -des3 -out server.orig.key 2048 | |
| ... | |
| Enter pass phrase for server.key: 適当なパスワードを。 | |
| Verifying - Enter pass phrase for server.key: もう一度同じパスワードを。 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ openssl rsa -in server.orig.key -out server.key |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ openssl req -new -key server.key -out server.csr | |
| You are about to be asked to enter information that will be incorporated | |
| into your certificate request. | |
| What you are about to enter is what is called a Distinguished Name or a DN. | |
| There are quite a few fields but you can leave some blank | |
| For some fields there will be a default value, | |
| If you enter '.', the field will be left blank. | |
| ----- | |
| Country Name (2 letter code) [AU]:JP ※国名 | |
| State or Province Name (full name) [Some-State]:Hokkaido ※都道府県 | |
| Locality Name (eg, city) []:Hakodate ※市区町村 | |
| Organization Name (eg, company) [Internet Widgits Pty Ltd]:Helply LLC. ※会社名 | |
| Organizational Unit Name (eg, section) []: ※部署(入力せず) | |
| Common Name (eg, YOUR name) []:www.helply.net ※証明書に表示される名前 | |
| Email Address []:[email protected] ※メールアドレス | |
| Please enter the following 'extra' attributes | |
| to be sent with your certificate request | |
| A challenge password []:※入力せず | |
| An optional company name []:※入力せず |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl https://knowledge.rapidssl.com/library/VERISIGN/ALL_OTHER/RapidSSL%20Intermediate/RapidSSL_CA_bundle.pem > rapidssl_bundle.pem | |
| cat server.orig.crt rapidssl_bundle.pem > server.crt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ heroku addons:add ssl | |
| Adding ssl on young-planet-6921... done, v1 ($20/mo) | |
| Next add your certificate with `heroku certs:add PEM KEY`. | |
| Use `heroku addons:docs ssl` to view documentation. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ heroku domains:add www.mydomain.com | |
| Added www.mydomain.com to myapp... done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ heroku plugins:install https://github.com/heroku/heroku-ssl-doctor.git |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ heroku certs:add server.crt server.key | |
| Adding SSL Endpoint to myapp... done | |
| myapp now served by tokyo-2121.herokussl.com. | |
| Certificate details: | |
| Expires At: 2012-10-31 21:53:18 GMT | |
| Issuer: C=US; ST=CA; L=SF; O=Heroku; CN=www.mydomain.com | |
| Starts At: 2011-11-01 21:53:18 GMT | |
| Subject: C=US; ST=CA; L=SF; O=Heroku; CN=www.mydomain.com | |
| SSL certificate is self signed. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| config.force_ssl = true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment