In order to use ssl on openshift you must at least be on the free bronze plan. This was one of my primary reasons for choosing openshift over other PAAS out there. When building a self funded mvp, every little bit counts in terms of saving money.

There are a few other tutorials out there for adding ssl to openshift, but tended to get stuck on the last step. I’ll run through the process and detail the final step. I’ll also provide some links to other tutorials and stackoverflow answers in case you’re still having trouble and need a different perspective.

The first step is to ssh into your openshift account and generate the csrScreenshot 2015-01-17 20.55.25

I’m assuming you have already purchased your ssl certificates from a reputable host  and selected your web server. If so they will prompt you to enter your “CSR” as in the diagram.

To do this first ssh into you openshift account. Once you’re in go to:

cd ~/app-root/data

First generate private key:

openssl genrsa -des3 -out myapp.key 2048

Now create csr

openssl req -new -key myapp.key -out myapp.csr

Finally copy the csr encrypted content and paste to provider

cat myapp.csr

You may also want to scp ‘myapp.key’ to your local machine so it can be used later.

The final step is to combine if all your cert files. If it is not already ready done and upload them to your server.

cat mycert.crt > myapp.pem; rhc alias update-cert appname --certificate myapp.pem --private-key myapp.key --passphrase 'mypass'