Issue
You're trying to upload a certificate and key for Heroku SSL, but you're receiving an error like:
Resolving trust chain... failed ! No key found that signs the certificate
Resolution
This means that the private key file you're attaching, we'll call it private.key
, doesn't match the public certificate, your-domain.crt
. The easiest way to check for a mismatch is running these two commands in your terminal:
$ openssl x509 -noout -modulus -in certificate.crt | openssl md5
$ openssl rsa -noout -modulus -in key.key | openssl md5
The outputs from both commands should match. If they don't match, you'll need to find the private key file that matches your certificate. If you're trying to update an existing certificate, please be aware that Heroku support doesn't have the ability to retrieve a private key you've uploaded. It's important to keep the private key file that matches your certificate somewhere safe.
If the outputs match, contact Heroku support.