2

I have a ssl certificate for secure.mydomain.com. It's properly set up and I can access https://secure.mydomain.com without any warnings.

When I access a devise action like sign_in, the request is properly done in https. However, it doesn't find my ssl certificate. My deployment environment is heroku, so using a certificate with a root name is not an option. How can I tell devise where the ssl certificate lives?

I'm currently skirting around this by adding the subdomain to my login urls ("secure.mydomain.com/sign_in") via some url_for hackery. However, that locks the user into using the secure.mydomain.com domain. I tried redirecting the user back to the root domain after login, but their session is lost.

How can I get around this?

tassock
  • 1,633
  • 1
  • 17
  • 32
  • Did you mean, "I can access `httpS://secure.mydomain.com` [...]"? What do you mean by this: "My deployment environment is heroku, so using a certificate with a root name is not an option."? Which domain(s) is your Heroku environment serving? – Bruno Jan 16 '12 at 12:15
  • Thanks for the comment Bruno. Yes, I meant to write https in the link. Updated. My heroku environment is serving mydomain.com and secure.mydomain.com. – tassock Jan 16 '12 at 16:55
  • You may be interested in these: http://stackoverflow.com/a/3259856/372643 and http://stackoverflow.com/a/3094070/372643. – Bruno Jan 16 '12 at 17:07
  • I have exactly the same issue. Did you find a solutiona already? – Ben Mar 14 '12 at 12:55
  • Ben - I changed my ssl to www.mydomain.com and am forcing all of my requests through the www subdomain via rack middleware. Maybe not the most eloquent solution, but it works! – tassock Mar 23 '12 at 07:19

0 Answers0