Our existing SSL certificate is about to expire, and so we are trying to install a new one. However, there are no instructions for Heroku ...
Package creation
To create a package, you must combine the bunch of intermediate certificate files together in the correct order. Heroku example:
$ cat EssentialSSLCA_2.crt ComodoUTNSGCCA.crt UTNAddTrustSGCCA.crt AddTrustExternalCARoot.crt > bundle.pem
( https://devcenter.heroku.com/articles/ssl-certificate-dnsimple )
We got a different set of files:
- AddTrustExternalCARoot.crt
- COMODORSAAddTrustCA.crt
- COMODORSADomainValidationSecureServerCA.crt
- (www_our_domain) .crt
How should they be combined? It is right?:
$ cat (www_our_domain).crt COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > bundle.pem
Adding Certificates
I assume that we do not need to provide another SSL endpoint, we are just updating the one we have ...
$ heroku certs:add server.crt server.key bundle.pem
( https://devcenter.heroku.com/articles/ssl-endpoint#provision-the-add-on )
But it is unclear what happens to the old certificates that were added at the beginning? Are they rewritten? Do I need to delete them?
ssl-certificate heroku
Yarin
source share