search

pixielabs / letsencrypt-rails-heroku

Automatic LetsEncrypt SSL certificates in your Rails app on Heroku.
MIT License
220 stars 33 forks source link

Testing challenge filename error when forcing SSL #11

Closed daniloisr closed 7 years ago

daniloisr commented 7 years ago

Hello,

My Rails app uses force_ssl to enforce SSL in all paths and I'm facing an error with heroku run rake letsencrypt:renew because open-uri don't handle redirects from http to https (see this bug), so I ended with the following error:

Testing filename works (to bring up app)...
RuntimeError: redirection forbidden: http://mydomain... -> https://mydomain...

I'm wondering if a patch like this would be valid (original):

diff --git a/lib/tasks/letsencrypt.rake b/lib/tasks/letsencrypt.rake
index 7787cd0..452ffc3 100644
--- a/lib/tasks/letsencrypt.rake
+++ b/lib/tasks/letsencrypt.rake
@@ -52,7 +52,15 @@ namespace :letsencrypt do

       # Get the domain name from Heroku
       hostname = heroku.domain.list(heroku_app).first['hostname']
-      open("http://#{hostname}/#{challenge.filename}").read
+      begin
+        open("http://#{hostname}/#{challenge.filename}").read
+      rescue RuntimeError => error
+        if error.message ~= /redirection forbidden/
+          open("https://#{hostname}/#{challenge.filename}").read
+        else
+          raise error
+        end
+      end
       puts "Done!"

       print "Giving LetsEncrypt some time to verify..."
jalada commented 7 years ago

The README details what you need to do if force_ssl is enabled across your app. Does that help?

daniloisr commented 7 years ago

sure! I totally missed that part 😅 Thanks