search

dwyl / learn-heroku

:checkered_flag: Learn how to deploy your web application to Heroku from scratch step-by-step in 7 minutes!
153 stars 395 forks source link

TLS Error #11

Open jackcarlisle opened 7 years ago

jackcarlisle commented 7 years ago

Hey @nelsonic I've been making my way through the tutorial for setting up an SSL certificate but I keep running into an error with TLS:

screen shot 2017-08-23 at 20 27 57

I've been googling around but can't seem to find anything that's helpful for my use-case.

Did you experience this error at all?

nelsonic commented 7 years ago

@jackcarlisle when you visit http://jumpstartjs.com/ what do you expect to see? (trying to confirm if the DNS has been properly configured to point to Heroku...?)

jackcarlisle commented 7 years ago

@nelsonic so it should forward to http://www.jumpstartjs.com which points to jumpstartjs.com.herokudns.com

Here's my DNS config:

screen shot 2017-08-24 at 09 01 15

Currently if I visit http://jumpstartjs.com it forwards to https://www.jumpstartjs.com :

screen shot 2017-08-24 at 09 05 33

If I go to just www.jumpstartjs.com I see this:

screen shot 2017-08-24 at 09 07 06

because I'm still deploying the letsencrypt-temporary-server branch.

nelsonic commented 7 years ago

@jackcarlisle so far so good. 👍 When you visit the url for the .well-known/acme-challenge/...etc does it download a file? also, is your plan to use the www. subdomain as your main URL?

jackcarlisle commented 7 years ago

@nelsonic it doesn't automatically download a file but if I click on one of the blue links it does. It just shows this page:

screen shot 2017-08-25 at 11 20 38

And yes the plan is to use www. as the main one

jackcarlisle commented 6 years ago

@nelsonic I've re-run certbot but I'm still experiencing this TLS error, any idea for what might be causing it?

jackcarlisle commented 6 years ago

I re-ran it again and it gave me a different error this time:

screen shot 2017-09-14 at 12 06 21

It keeps asking me to create two files in .well-known/acme-challenge. Am I doing something wrong @nelsonic ?

When I visit https://www.jumpstartjs.com/.well-known/acme-challenge/9ChX8PerOn21OR_ARdyXUFhjj-TTbgnxp3NlsfASGYc it says that this site can't provide a secure connection. It might be something to do with my DNS but I'm not sure where to start. When I visit the http version of the url it downloads the file as expected.

jackcarlisle commented 6 years ago

Solution

In my DNS settings I was forwarding my requests to the https version of the site when I should have been using the http version. Now that SSL is set up I can swap it back

nelsonic commented 6 years ago

@jackcarlisle thanks for sharing the solution. 🎉 if this is no longer an issue for you, please close. 👍 Hope your summer is going well. ☀️