Closed ppcano closed 4 years ago
Thanks for reporting! @stefanpenner you'll likely need to handle this (I think this article has relevant info).
@trentmwillis thanks, will investigate!
@stefanpenner any update on this? can I help you?
@villander sure, would love a hand. But I don't believe I actually have access to the heroku app in question. So I am not sure what I can actually do.
I do believe I have access to the domain itself, but I don't think that gets us much to resolve the above issue.
@trentmwillis / @dgeb do any of you have access?
I do. Let me know who I should give access to it and I can (just need an email address for each person which you can DM me on Twitter if preferring not to post it here)
@dgeb can you fix this on heroku for us, please?
@stefanpenner @trentmwillis @villander I will DM Trent my email and then look into this.
Ok, Trent's given me access so the ball is in my court now ...
According to the Heroku article that @trentmwillis linked above, I would expect this to be caused by our DNS pointing ember-engines.com
to herokuapp.com
instead of ember-engines.herokuapp.com
.
However, it appears that we have the appropriate CNAME
configured already:
$ dig ember-engines.com
;; Warning: Message parser reports malformed message packet.
; <<>> DiG 9.10.6 <<>> ember-engines.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55484
;; flags: qr rd ra; QUERY: 1, ANSWER: 10, AUTHORITY: 4, ADDITIONAL: 8
;; WARNING: Message has 10 extra bytes at end
;; QUESTION SECTION:
;ember-engines.com. IN A
;; ANSWER SECTION:
ember-engines.com. 670 IN CNAME ember-engines.herokuapp.com.
ember-engines.herokuapp.com. 300 IN CNAME us-east-1-a.route.herokuapp.com.
us-east-1-a.route.herokuapp.com. 27 IN A 34.224.36.137
us-east-1-a.route.herokuapp.com. 27 IN A 34.204.208.235
us-east-1-a.route.herokuapp.com. 27 IN A 34.225.94.62
us-east-1-a.route.herokuapp.com. 27 IN A 34.203.183.13
us-east-1-a.route.herokuapp.com. 27 IN A 34.226.120.217
us-east-1-a.route.herokuapp.com. 27 IN A 34.228.93.197
us-east-1-a.route.herokuapp.com. 27 IN A 34.227.214.181
us-east-1-a.route.herokuapp.com. 27 IN A 34.206.154.141
;; AUTHORITY SECTION:
herokuapp.com. 263 IN NS ns-662.awsdns-18.net.
herokuapp.com. 263 IN NS ns-505.awsdns-63.com.
herokuapp.com. 263 IN NS ns-1624.awsdns-11.co.uk.
herokuapp.com. 263 IN NS ns-1378.awsdns-44.org.
;; ADDITIONAL SECTION:
ns-505.awsdns-63.com. 52256 IN A 205.251.193.249
ns-662.awsdns-18.net. 28888 IN A 205.251.194.150
ns-1378.awsdns-44.org. 29265 IN A 205.251.197.98
ns-1624.awsdns-11.co.uk. 29178 IN A 205.251.198.88
ns-662.awsdns-18.net. 54912 IN AAAA 2600:9000:5302:9600::1
ns-1378.awsdns-44.org. 1268 IN AAAA 2600:9000:5305:6200::1
;; Query time: 42 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Sun Feb 10 17:45:13 EST 2019
;; MSG SIZE rcvd: 512
Although there are warnings about the message, it does appear that the DNS is correctly configured.
I think the actual problem is that the site is on unpaid dynos, and thus does not support SSL, as far as I can tell from the config here:
@trentmwillis do you know if this site was using paid dynos at one point? Or has Heroku's policy changed?
@stefanpenner I'd be glad to set this up in a way consistent with other ember sites like https://ember-cli.com. Please DM to discuss when you have a chance.
@dgeb it's never used paid dynos. In fact, I'm not sure it was ever properly served over https.
So, looks like without paying, you can only get SSL for the default herokuapp.com
domains. For example, https://ember-engines.herokuapp.com/, works fine.
@trentmwillis ah, thanks for the clarification! I was under the impression that something had changed and that https://ember-engines.com had been working at some point.
I guess we just need to decide how worthwhile https is for this site, whether anyone or company wants to fund it, and/or whether we should simply switch over to something more static like GitHub pages (perhaps using prember).
Will this move over to github pages?
still no! The heroku broken with prember, I reverted this commit.
Thanks a lot for the hard work @gabrielcsapo
Visit via https shows a certificate error