search

dnsimple / addon-heroku

Connect DNSimple domains to Heroku apps
1 stars 3 forks source link

Don't let customers try to add a certificate for dynos that do not support SNI #9

Closed sbastn closed 7 years ago

sbastn commented 7 years ago

On the SSL certificate page, I am presented with 2 certificates that have already expired:

screen shot 2016-11-29 at 12 16 52 pm

If I select any of them, the application crashes. So don't show them 😄

aeden commented 7 years ago

I am able to add an expired certificate. Could you try again so I can take a look at the logs?

aeden commented 7 years ago 
2016-12-08T08:19:54.320142+00:00 app[web.1]: 08:19:54.320 [error] #PID<0.857.0> running HerokuConnector.Endpoint terminated
2016-12-08T08:19:54.320145+00:00 app[web.1]: Server: addon-heroku-connector.herokuapp.com:80 (http)
2016-12-08T08:19:54.320146+00:00 app[web.1]: Request: POST /connections/28/connect
2016-12-08T08:19:54.320147+00:00 app[web.1]: ** (exit) an exception was raised:
2016-12-08T08:19:54.320148+00:00 app[web.1]:     ** (KeyError) key :cname not found in: %Happi.Heroku.Error{code: 422, id: "invalid_params", message: "You need to be running on either Hobby or Professional dynos to be able to use SNI SSL.", url: ""}
2016-12-08T08:19:54.320149+00:00 app[web.1]:         (heroku_connector) web/services/connection_service.ex:48: HerokuConnector.ConnectionService.connect_with_certificate/4
2016-12-08T08:19:54.320150+00:00 app[web.1]:         (heroku_connector) web/controllers/connection_controller.ex:47: HerokuConnector.ConnectionController.connect/2
2016-12-08T08:19:54.320150+00:00 app[web.1]:         (heroku_connector) web/controllers/connection_controller.ex:1: HerokuConnector.ConnectionController.action/2
2016-12-08T08:19:54.320151+00:00 app[web.1]:         (heroku_connector) web/controllers/connection_controller.ex:1: HerokuConnector.ConnectionController.phoenix_controller_pipeline/2
2016-12-08T08:19:54.320152+00:00 app[web.1]:         (heroku_connector) lib/heroku_connector/endpoint.ex:1: HerokuConnector.Endpoint.instrument/4
2016-12-08T08:19:54.320153+00:00 app[web.1]:         (heroku_connector) lib/phoenix/router.ex:261: HerokuConnector.Router.dispatch/2
2016-12-08T08:19:54.320154+00:00 app[web.1]:         (heroku_connector) web/router.ex:1: HerokuConnector.Router.do_call/2
2016-12-08T08:19:54.320154+00:00 app[web.1]:         (heroku_connector) lib/heroku_connector/endpoint.ex:1: HerokuConnector.Endpoint.phoenix_pipeline/1
aeden commented 7 years ago

Per discussion with @sbastn , the simplest approach may be to detect that the dyno is not capable of supporting SSL due to its plan type, and then warning the customer and not showing the certificate selector.

aeden commented 7 years ago

Closed by 9c22677c87cfac7f9d9e833f9c04a622249d72a5