Issue
Your app is no longer connecting to your Key-Value Store and you are seeing errors relating to self-signed certificates.
Eg: <OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate in certificate chain)> SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate in certificate chain)
Resolution
Production plans (Premium and higher) of Heroku Key-Value Store running Heroku Key-Value Store 6+ require TLS connections. Heroku Key-Value Store uses self-signed certificates, which can require you to configure the verify_mode
SSL setting of your Key-Value Store client.
To disable certificate verification, add { verify_mode: OpenSSL::SSL::VERIFY_NONE }
(or your language equivalent) to your Heroku Key-Value Store connection configuration. We have example implementations for the following languages:
- Java
- Ruby
- Python
- Node.js
- Go
-
PHP - Please note that in PHP
{ verify_mode: OpenSSL::SSL::VERIFY_NONE }
is known as[verify_peer_name]
. An example implementation is using?ssl[verify_peer_name]=0&ssl[verify_peer]=0
with the latest Predis. More info on connecting in PHP.
See Connecting to Heroku Key-Value Store for details and further examples on setting up TLS connections.