Search code examples
ruby-on-railsgoogle-chromeruby-on-rails-4heroku

Heroku: Privacy error "Your connection is not private" is displayed


Privacy error Your connection is not private is displayed (with using Chrome) when I try to access the url which I registered as CNAME.

I developed Rails app, and this is the first time to use Heroku.

Although the error isn't displayed when I use the original url such as https://floating-fortress-99999.herokuapp.com/, the error is displayed when I use www.my_app.com which I get.

All of the error messages on the browser are as followings;

Your connection is not private

Attackers might be trying to steal your information from www.my_app.com (for example, passwords, messages, or credit cards).
NET::ERR_CERT_COMMON_NAME_INVALID

This server could not prove that it is www.my_app.com; its security certificate is from *.herokuapp.com. This may be caused by a misconfiguration or an attacker intercepting your connection.

I can display www.my_app.com when I click the link Proceed to www.my_app.com (unsafe) on the browser.

Is it possible to avoid displaying 'Privacy error' ?

It would be appreciated if you could give me how to avoid this error.


Solution

  • The issue is that you're most likely using force_ssl = true in your configuration, however you don't have a valid and authorized SSL certificate installed on your server.

    To fix the error you have two possibilities:

    • Disable SSL via force_ssl = false (not recommended)
    • Purchase an SSL certificate issued from a certifying authority and install it on your server (such as nginx or Apache)