我正在尝试向 Heroku 添加 SSL 证书,但收到错误:
heroku certs:add domain.pem private.key
Resolving trust chain... failed
! No certificate given is a domain name certificate.
给出的证书不是域名证书是什么意思?
编辑:这是输出openssl x509 -text -in domain.pem
(省略了证书本身)。
如果有帮助的话,我目前已经为我的域名设置了 SSL snipsalonsoftware.com
。我想将我的应用程序移动到,这是我现在尝试添加的子域app.snipsalonsoftware.com
的 SSL 证书。app
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:e8:89:ec:34:02:23:f6:0a:d7:e1:e3:e6:0a:a2:b7
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=PositiveSSL CA 2
Validity
Not Before: Mar 12 00:00:00 2014 GMT
Not After : Mar 12 23:59:59 2015 GMT
Subject: OU=Domain Control Validated, OU=Provided by New Dream Network, LLC, OU=DreamHost Basic SSL, CN=app.snipsalonsoftware.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
Modulus (2048 bit):
00:f3:e3:db:d3:85:b0:67:57:9c:2e:3e:20:db:70:
77:9f:dd:7f:23:a9:f4:3f:8d:77:25:f0:5b:b7:4f:
a8:df:13:34:15:1a:82:5e:78:6a:1e:67:cd:71:f9:
15:9a:f1:a1:b3:e5:24:43:38:3c:be:76:d3:db:67:
fc:80:0d:8e:c0:d3:0b:30:12:08:62:81:be:87:6f:
a9:03:ce:24:59:cd:a3:8d:bf:8f:dc:80:6b:1b:cf:
05:ca:19:e9:28:26:70:ed:f0:67:6b:11:85:7d:bb:
64:16:3f:86:50:76:65:22:d0:b5:de:dd:66:cc:7d:
bc:89:d4:5b:d2:ee:1e:74:10:74:70:6e:c4:3d:b0:
51:96:63:9f:05:6e:d2:21:a0:74:b6:2c:40:82:35:
2e:5c:3f:12:1b:f5:5b:6e:40:f5:c5:02:a8:ef:a9:
db:df:7c:d4:88:2a:f7:ec:25:f6:b6:87:30:89:7b:
ba:5f:dd:66:34:ae:f8:0d:f4:20:19:85:26:91:83:
15:e4:9e:53:3c:ff:f5:10:37:6a:42:e7:d7:dc:29:
cd:5d:d4:07:a8:34:34:cf:9d:e5:bc:63:5b:d5:a1:
8d:ea:d4:3e:a9:ea:2f:25:49:e7:fb:1d:7a:e9:1d:
83:55:12:d7:a8:71:80:b5:b3:21:3c:41:54:cd:c5:
0e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
keyid:99:E4:40:5F:6B:14:5E:3E:05:D9:DD:D3:63:54:FC:62:B8:F7:00:AC
X509v3 Subject Key Identifier:
C6:BF:8B:52:90:D6:16:0B:54:54:27:AE:6B:8D:27:F1:03:AF:7E:96
X509v3 Key Usage: critical
Digital Signature, Key Encipherment
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.6449.1.2.2.7
CPS: http://www.positivessl.com/CPS
Policy: 2.23.140.1.2.1
X509v3 CRL Distribution Points:
URI:http://crl.comodoca.com/PositiveSSLCA2.crl
Authority Information Access:
CA Issuers - URI:http://crt.comodoca.com/PositiveSSLCA2.crt
OCSP - URI:http://ocsp.comodoca.com
X509v3 Subject Alternative Name:
DNS:app.snipsalonsoftware.com, DNS:www.app.snipsalonsoftware.com
Signature Algorithm: sha1WithRSAEncryption
6c:4f:5c:16:a1:e5:e2:83:a2:84:d5:50:52:75:b8:3f:d2:b5:
b4:3f:5b:01:2e:d9:a5:f9:cf:04:94:44:df:2d:57:72:75:00:
4b:1c:0b:9d:ad:19:88:cf:c7:ab:37:50:df:4c:fa:c5:d0:db:
3f:79:ae:ea:c8:84:6b:d3:10:a1:65:68:b4:ec:4e:f1:2a:f8:
b2:87:db:7b:19:d8:e1:49:07:c7:eb:68:ae:58:84:d2:8d:67:
b4:a8:11:cf:a2:c7:4f:5d:cc:4b:64:0f:7c:3b:9f:07:a3:3d:
66:81:eb:08:61:c4:15:35:93:56:ea:f8:fe:87:58:12:a7:c8:
25:d0:8e:eb:e2:fe:e3:8b:5b:f4:8a:55:09:0a:c1:3e:16:47:
00:35:4b:7b:78:8d:2b:7e:4e:37:b9:c9:fd:4c:21:f4:09:50:
66:2f:06:3b:3d:73:91:70:3e:16:89:01:22:6e:71:52:06:99:
d5:9f:c2:f9:fc:97:9e:c6:73:cd:40:31:b6:34:1f:2d:aa:0f:
6b:ba:9e:79:b9:90:79:d8:15:f4:17:bc:25:8e:23:06:13:6a:
72:db:e5:e4:29:9a:7a:25:ba:38:ef:3e:a8:88:56:23:86:32:
07:59:8b:02:37:20:65:65:34:c9:ae:c3:2f:c5:41:6f:6e:cc:
8b:ac:01:c5