Create Certificate
Run these commands to get certbot-auto. certbot-auto should work on most systems
wget https://dl.eff.org/certbot-auto
chmod 755 certbot-auto
This command starts the process of obtaining your certificate. The flag -dallows you to transfer the domain that you want to protect. In addition, a -dhint will appear without an icon in which you can enter a domain.
./certbot-auto certonly --manual -d app.yoursite.com
Then he will ask you the following. Do not press enter.
Make sure your web server displays the following content at
http://app.yoursite.com/.well-known/acme-challenge/SOME-LENGTHY-KEY before continuing:
SOME-LONGER-KEY
public. , .
mkdir -p public/.well-known/acme-challenge/
SOME-LENGTHY-KEY SOME-LONGER-KEY
echo SOME-LONGER-KEY > public/.well-known/acme-challenge/SOME-LENGTHY-KEY
Heroku.
git push heroku master
enter, .
IMPORTANT NOTES:
- Congratulations! Your certificate and chain have been saved at
/etc/letsencrypt/live/app.yoursite.com/fullchain.pem. Your cert will
expire on 2016-04-11. To obtain a new version of the certificate in
the future, simply run Let Encrypt again.
Heroku, SSL Betaββp >
heroku labs:enable http-sni -a your-app
heroku plugins:install heroku-certs
fullchain.pem privkey.pem Heroku.
sudo heroku _certs:add /etc/letsencrypt/live/app.yoursite.com/fullchain.pem /etc/letsencrypt/live/app.yoursite.com/privkey.pem
,
heroku _certs:info
DNS
DNS, app.yoursite.com.herokudns.com
SSL
, SSL, . -v . -I . -H URL. , , .
curl -vI https://app.yoursite.com -H "Cache-Control: no-cache"
,
* Server certificate:
* subject: C=US; ST=CA; L=SF; O=SFDC; OU=Heroku; CN=app.yoursite.com
subject CN=app.yoursite.com, 5-10 . , .
, ROOT_URL https.
heroku config:set ROOT_URL=https://app.yoursite.com
, SSL force-ssl
meteor add force-ssl
, - OAuth, (Facebook, Google ..), URL https.
certbot-auto
./certbot-auto certonly --manual -d app.yoursite.com
. , enter. , .
, Heroku
heroku certs:update /etc/letsencrypt/live/app.yoursite.com/fullchain.pem /etc/letsencrypt/live/app.yoursite.com/privkey.pem
, , SSL