I’ve had a few requests to go over setting up a Wildcard SSL cert, especially as it relates to things like CDN’s, subdomains, etc. So I wanted to put a guide out there so people can get help for an issue that is surprisingly frustrating to find information about.
If you’ve read my other guide to setting up SSL, you’ll have a good basis for what we are about to do, and many steps I mention below will be the same. But I’ll go through the whole process anyway, so you won’t have to do the math as to where to stop, change things, and start again on.Basic Steps:
- Install openssl if you haven’t already (via homebrew, from source, etc.).
- Generate keys using openssl
- Purchase and Activate Wildcard SSL certificate from Namecheap
- Create server.crt from certificates emailed to you
- Provision Heroku SSL endpoint
- Update your DNS settings on Namecheap
- Force SSL on Production
- Check to make sure SSL is working properly for the root domain
- Set up your wildcard certificate with Amazon Cloudfront as a CDN subdomain (https://cdn.example.com)
- Set up your wildcard certificate with Ghost JS Blogging as a blog subdomain (https://blog.example.com)
Install Open SSL: (almost all of this will be done from the command line)
Is OpenSSL already installed?… (Read More)