Heroku : Update Cedar

The legacy Cedar-10 stack has been deprecated and reached its end-of-life on November 4, 2015. Applications may continue running, however you will not be able to push to your application without upgrading to Cedar-14 first.

Due to changes in the glibc library on Cedar-14, apps may see different memory consumption behavior on that stack. See the Performance Differences section for details.

SSL Certificate signed by Authorities

Well, you can sign your SSL certificates yourself using the OpenSSL library. You can visit this link to learn more about generating an SSL CSR and private key. One disadvantage of this approach is that browsers do not trust certificates signed by you. These are called self-signed certificates. So your visitors will face weird situations, such as a certificate warning from the browser.

This will definitely affect your business.

Solution

Unfortunately, we need to pay certification authorities like Comodo SSL, DigiCert, etc. to verify our certificates. To get a verified certificate, we need to supply the provider with a Certificate Signing Request (CSR) file, which we can generate using OpenSSL or get from services like Heroku or our hosting service provider.

Note: The big providers can be much more expensive, so you can try resellers like www.namecheap.com for cheaper rates.

Generating CSR Using Heroku

$ heroku certs:generate *.my-domain.com -a myherokuapp

This will prompt you to enter the details one by one.

Generating CRT

Normally you need to open the .csr file in a text editor and copy and paste its content into a text-area field on the authority’s website.

Then they will verify that you are the real owner of that particular domain. You can verify via email, HTTP or DNS; either way, you have to prove that you own that website.

  • Email: A verification email is sent to you; read it and click the verification link.
  • HTTP: They will provide you with a plain text file, which you need to put on the server via FTP or SSH and make sure the file is accessible via http://www.your-domain.com/theverificationfile.txt
  • DNS verification: You must create a special CNAME record in the DNS records for your domain. This record will also be provided after the activation.

Depending on the certificate type or brand, you may be asked for different types of information. Certificates that require business validation, for example, will require the business’ or company’s information. Non-mandatory fields are shown with an “Optional” tag. Administrator’s contact information must be submitted using latin characters (Aa-Zz) and digits (0-9) only.

After verification they will normally provide you with a .crt file and a .ca-bundle or .p7b file.

 

How Certificate verification works

 

Setting up your new SSL Certificate

Heroku

Put your .crt and .key files in a directory, change to that directory and run:

$ heroku certs:add [server.crt] [server.key] -a myherokuapp
Resolving trust chain... done
Adding SSL Endpoint to myherokuapp... failed
 ! Only one SSL endpoint is allowed per app (try certs:update instead).

Well, then I need to update:

$ heroku certs:update server.crt server.key -a myherokuapp
Resolving trust chain... done

! WARNING: Potentially Destructive Action
 ! This command will change the certificate of endpoint yamanashi-6XX7.herokussl.com on myherokuapp.
 ! To proceed, type "myherokuapp" or re-run this command with --confirm myherokuapp

> thepact
Updating SSL Endpoint yamanashi-6XX7.herokussl.com for myherokuapp... done
Updated certificate details:
Common Name(s): *.my-domain.com
 my-domain.com

Expires At: 2017-04-17 23:59 UTC
Issuer: /C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
Starts At: 2016-04-15 00:00 UTC
Subject: /OU=Domain Control Validated/OU=PositiveSSL Wildcard/CN=*.my-domain.com
SSL certificate is verified by a root authority.

Getting Private Key File if generated by Host Provider

If you did not generate the .csr manually, then you probably don’t have your private key file, which is needed to set up the certificate on your web server. You probably have access to your host server via FTP or SSH; you can find the corresponding private key and CSR files there. Prefer SSH (SFTP or SCP) for the download, since plain FTP sends the private key unencrypted.

Why would I need to download the private key if it’s already on my host server and works perfectly?

-> Well, if your my-domain.com is hosted on one server and subdomain.my-domain.com on another server, then you need the pair of files (.csr and .key) to certify your server.
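
Before running `heroku certs:add` or copying the pair to a second server, it helps to confirm that the .key really belongs to the .crt (or .csr) and to see whether a certificate is self-signed. The script below is an added example, not from the original post; the function names and demo file names are assumptions, and it relies only on the `openssl` command-line tool.

```shell
#!/bin/sh
# Added example (not from the original post). Requires the openssl CLI.

# Print the SHA-256 of the public key held in a cert, CSR or private key.
pubkey_digest() {   # usage: pubkey_digest cert|csr|key FILE
    case "$1" in
        cert) pem=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1 ;;
        csr)  pem=$(openssl req  -in "$2" -noout -pubkey 2>/dev/null) || return 1 ;;
        key)  pem=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1 ;;
        *)    return 2 ;;
    esac
    [ -n "$pem" ] || return 1
    printf '%s\n' "$pem" | openssl dgst -sha256 -r | cut -d' ' -f1
}

# Succeed only if KEYFILE is the private key for the given cert or CSR.
key_matches() {     # usage: key_matches cert|csr FILE KEYFILE
    a=$(pubkey_digest "$1" "$2") || return 2
    b=$(pubkey_digest key "$3") || return 2
    [ "$a" = "$b" ]
}

# Succeed if subject and issuer are the same name, as in a self-signed cert.
is_self_signed() {  # usage: is_self_signed CERTFILE
    s=$(openssl x509 -in "$1" -noout -subject_hash 2>/dev/null) || return 2
    i=$(openssl x509 -in "$1" -noout -issuer_hash 2>/dev/null) || return 2
    [ "$s" = "$i" ]
}

# Constructed sample data: a throwaway self-signed pair, a CSR and a stray key.
make_demo_files() { # usage: make_demo_files DIR
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=*.my-domain.com" \
        -keyout "$1/server.key" -out "$1/server.crt" 2>/dev/null &&
    openssl req -new -key "$1/server.key" -subj "/CN=*.my-domain.com" \
        -out "$1/server.csr" 2>/dev/null &&
    openssl genrsa -out "$1/other.key" 2048 2>/dev/null
}

# Script use: sh check-pair.sh cert server.crt server.key
if [ "$#" -eq 3 ]; then
    if key_matches "$1" "$2" "$3"; then echo "key matches $2"
    else echo "key does NOT match $2" >&2; exit 1; fi
fi
```

A mismatch here means the certificate was issued for a CSR generated from a different key, so the upload would be rejected or the server would fail its TLS handshake.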

Useful links

https://www.namecheap.com/support/knowledgebase/article.aspx/794/67/how-do-i-activate-an-ssl-certificate

Rails : Heroku : Production ActionController :: InvalidAuthenticityToken

 

So I’m not sure if this is 100% causing it but I was able to replicate the error

To reproduce:
1) Open two browser windows of the same browser type (ie. 2 chrome windows)
2) Go to the login page in both windows
3) Login on one of the windows and then logout
4) Login on the other browser window and you’ll see the error

Logging out updates the csrf token but if the other login page isn’t refreshed it doesn’t get the updated token. Shouldn’t devise be handling this situation gracefully?

Cron jobs in Rails : Whenever gem or Scheduler in Heroku

To run automatically triggered background processes in Ruby on Rails, we normally use a gem like ‘Whenever‘. It’s very easy to use.

A single command like `whenever -i` will update your crontab. To see your current cron status you can simply use a command like `whenever -l` or `crontab -l`.

Cron In Heroku

Heroku : Rails : Compiled slug size: 325.0MB is too large

What is slug?

Slugs are compressed and pre-packaged copies of your application optimized for distribution to the dyno manager. When you git push to Heroku, your code is received by the slug compiler which transforms your repository into a slug. Scaling an application then downloads and expands the slug to a dyno for execution.

What is this error about?

It means your code base is huge; the compressed slug should not exceed 300 MB.