[DEPRECATED] Why am I seeing a ‘Certificate Mismatch Error’ when I access my custom domain over SSL/TLS?


When you access your Heroku application via its configured custom domain you receive a browser error about a Certificate Mismatch


This error can occur for a number of reasons.

Incorrect DNS configuration

Provisioning SSL involves updating your DNS configuration to point at the new herokussl.com address (US region only). Incorrect configuration will cause a 'Certificate Mismatch Error' as your browser will still be receiving the wildcard herokuapp.com cert we provide by default.

DNS Provider is Performing the Redirect

While a redirect (typically at the root domain, eg mydomain.com) will work for http requests if you attempt to access https://mydomain.com then your DNS provider will not have a valid certificate for your domain and a 'Certificate Mismatch Error' or a 'Connection Failed' error would be displayed by your browser. If you wish to use root domains and SSL then you need to use a DNS provider that supports using CNAMEs at the root level and perform the redirect at the application level.

Ask on Stack Overflow

Engage with a community of passionate experts to get the answers you need

Ask on Stack Overflow

Heroku Support

Create a support ticket and our support experts will get back to you

Contact Heroku Support
Terms of Service Privacy Cookies © 2018 Salesforce.com