Search code examples
.htaccesssslherokudnsheroku-cli

Not secured subdomain heroku website when I set up it as subdomain of the website from another hosting

I have an http://example.com website on some hosting and I'd like to have https://myapp.herokuapp.com being show as https://subdomain.example.com

I have configured on "example.com" hosting side:

CNAME myapp.herokuapp.com.

I have added to heroku domains:add --app myapp subdomain.example.com So now I see CNAME like subdomain.example.com when calling for heroku domains -a myapp

But when I'm opening https://subdomain.example.com I see the insecure connection and the certificate is issued for *.herokuapp.com :

Subject:

CN = *.herokuapp.com
O = Heroku, Inc.
L = San Francisco
S = California
C = US

Alternative subject:

DNS Name=*.herokuapp.com
DNS Name=herokuapp.com

So how can I make my heroku subdomain issue a certificate for https://subdomain.example.com ?

Also, there is a problem.

When I type http://subdomain.example.com in Chrome, the http://example.com is loaded. When I type http://subdomain.example.com in Firefox, the http://subdomain.example.com is loaded and works without any encryption, while it doesn't allow to open http://myapp.herokuapp.com and opens it as https://myapp.herokuapp.com

How can I avoid this behavior in Firefox? The behavior I want when trying to open http://subdomain.example.com is to always force https://subdomain.example.com and not leave to http://subdomain.example.com or redirect to http://example.com

Solution

  • I got the answer of the Heroku support team:

    Thank you for reaching out to us. Looking into your issue I found that you have configured your domain incorrectly.

    subdomain.example.com. 599    IN      CNAME   myapp.herokuapp.com

    When you add a domain to your app, Heroku generates a unique DNS target for that domain. You need to point your domain to this DNS target at your DNS provider.

    === myapp Custom Domains
Domain Name              DNS Record Type  DNS Target
───────────────────────  ───────────────  ──────────────────────────────────────────────────
subdomain.example.com.ru  CNAME            secure-lynx-1rbkrol1o46ccpklg1j5u2ac.herokudns.com

    In your case, I see that you have added a subdomain subdomain.example.com to your app. You need to point your subdomain to the Heroku generated DNS target secure-lynx-1rbkrol1o46ccpklg1j5u2ac.herokudns.com of that domain with CNAME record type (CNAME for subdomains and ALIAS/ANAME for root domains) at your DNS provider. This should resolve your issue.