--- title: "Setting up wild card SSL on heroku" description: "Seeting up wild card SSL on heroku" canonical_url: "https://www.bigbinary.com/blog/wild-card-ssl-on-heroku" markdown_url: "https://www.bigbinary.com/blog/wild-card-ssl-on-heroku.md" --- # Setting up wild card SSL on heroku Seeting up wild card SSL on heroku - Author: Neeraj Singh - Published: December 1, 2020 - Categories: Misc Setting up wild card SSL on heroku can be complicated. Recently I had to set it up for a new domain and this time I recorded the whole process. The ssl certificate in this example was bought from namecheap but the same process would apply for other vendors too. The video of the whole process is available here. ### Script to generate keys ```bash openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr ``` When the prompt asks for `Common name(full qualified host name)` then enter `*.yourdomainname.com`. Since we are setting up a wild card certificate it's important that the common name starts with a `*`. Otherwise later we are going to get an error. Except the above mentioned question the answer to other questions do not matter at all. You can enter junk values and the SSL will work just fine. Hit enter when a challenge password is requested. ### Script to generate ssl bundle ```bash $ cat __neetohelp_net.crt __neetohelp_net.ca-bundle > ssl-bundle.crt ``` Note that the order of the crt and bundle files matters when combining them. Secondly, as shown in the video, we might have to split the combined line. Now let's examine the contents of the combined file. ```bash $ cat ssl-bundle.crt ``` If we see a line like the one below: ```plaintext -----END CERTIFICATE----------BEGIN CERTIFICATE----- ``` Then we need to split the line such that `END` and `BEG` align vertically like so: ```plaintext -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- ``` ## Links - [Human page](https://www.bigbinary.com/blog/wild-card-ssl-on-heroku)