2

I am following the instructions on https://devcenter.heroku.com/articles/ssl-endpoint but getting stuck on generating private key. It says to generate a private key '$ openssl genrsa -des3 -out server.pass.key 2048' so I'm typing into rails command line

$ heroku run openssl genrsa -des3 -out server.pass.key 2048

This seems to work and I can enter a passphrase twice (but there is no confirmation message)

The next stage is to type the following "$ openssl rsa -in server.pass.key -out server.key" - so that the private key can be stripped of its passphrase. So:

$ heroku run openssl rsa -in server.pass.key -out server.key

But here I get the following error:
Error opening Private key server.pass.key
2:error:02001002:system library:fopen no such file or directory:bss_file.c:356:f
open('server.pass.key','r')
2:error:20074002:BIO routines:FILE CTRL:system lib:bss_file.c:358:
Unable to load private key

Any ideas? Thanks.

(by the way I already have site-wide SSL enabled on the app, using heroku's certificate. I am trying to change to my own SSL certificate for my own domain).

4

2 回答 2

8

I think the idea is to run those commands locally, on your own computer. First, make sure you have openssl installed (if you don't, follow the instructions on the provided Heroku help page, or use a friend's computer that has it installed). Then, type this:

$ openssl genrsa -des3 -out server.pass.key 2048
Generating RSA private key, 2048 bit long modulus
........................................................................................+++
..........+++
e is 65537 (0x10001)
Enter pass phrase for server.pass.key:
Verifying - Enter pass phrase for server.pass.key:

After this step, there should be a file named server.pass.key in the current directory:

$ ls
server.pass.key

Then, run the second command:

$ openssl rsa -in server.pass.key -out server.key
Enter pass phrase for server.pass.key:
writing RSA key

After you finish this step, there should be two files in the directory. Then, continue as it says in instructions.

$ ls
server.key  server.pass.key
于 2013-06-28T06:59:27.607 回答
2

Check if your file is formed correctly. I changed 

-----END CERTIFICATE----------BEGIN RSA PRIVATE KEY-----

into 

-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----

and the error disappeared.

于 2014-04-11T19:50:33.893 回答