竹内 仁 (TAKEUCHI Hitoshi) の日記

herokuにて独自ドメインのアプリでSNI SSLを使う(その2)

Posted at — Feb 2, 2012

/images/7-6QkrSqwKp0vf.jpg herokuでSNI SSLアドオンを追加し、証明書の登録までやってみました。手順をのせておきます。


  1. 秘密鍵の生成
  2. CSRの生成
  3. パスフレーズを除去した秘密鍵の生成
  4. herokuへ証明書を登録


[code lang=”bash”]
bash-3.2$ openssl genrsa -des3 -out 1024
Generating RSA private key, 1024 bit long modulus
Enter pass phrase for
Verifying — Enter pass phrase for

bash-3.2$ openssl req -new -key -out
Enter pass phrase for
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter ‘.’, the field will be left blank.
 — — -
Country Name (2 letter code) [AU]:JP
State or Province Name (full name) [Some-State]:Kanagawa
Locality Name (eg, city) []:Yokohama
Organization Name (eg, company) [Internet Widgits Pty Ltd]:example
Organizational Unit Name (eg, section) []:example
Common Name (eg, YOUR name) []
Email Address []:

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

bash-3.2$ openssl rsa -in -out
Enter pass phrase for
writing RSA key

bash-3.2$ heroku ssl:add — app example
Added certificate to, expiring in 2013/02/03 05:02:47 -0800