How do I securely store a .pem file when working with git-tracked heroku project?

I’ve got a git-tracked repo and am setting it up to work with APN for IOS push notifications. I’m looking at implementing the npm module https://github.com/argon/node-apn in a similar way as here: https://github.com/hollyschinsky/PushNotificationSample

In this code, there is

  • Git: Discard all changes on remote branch when merging
  • How long does 'Git push -u' remember the parameters for?
  • Why must I force push after changing a commit message?
  • Git: Discard all changes on a diverged local branch
  • Error: src refspec does not match any
  • Git diff to show only lines that have been modified
  • var options = {
        gateway: 'gateway.sandbox.push.apple.com', // this URL is different for Apple's Production Servers and changes when you go to production
        errorCallback: callback,
        cert: 'your-cert.pem', // ** NEED TO SET TO YOURS - see this tutorial - http://www.raywenderlich.com/32960/apple-push-notification-services-in-ios-6-tutorial-part-1
        key:  'your-key.pem',  // ** NEED TO SET TO YOURS
        passphrase: 'your-pw', // ** NEED TO SET TO YOURS
        port: 2195,                       
        enhanced: true,                   
        cacheLength: 100                  
    }
    

    However, how am I meant to reference my .pem files without committing them to Github?

    At the moment, I’m deploying to Heroku.

  • Clone a private repo of github with username and password
  • Can artists realistically cope with (distributed) version control in an open source environment?
  • access denied when cloning local git from Jenkins
  • Git - Went back to a previous commit and now want to write over the commits in front
  • Installation of python libraries on OS X
  • Jenkins Git Parameter plugin cannot fetch tags
  • One Solution collect form web for “How do I securely store a .pem file when working with git-tracked heroku project?”

    Do this via Heroku’s (environment) config variables.

    If you’re using node-apn or something similar, you should be able to pass in the certificate and key content instead of a path. Use ENV vars to pass in that the key content, as recommended by Heroku.

    cert: process.env.APN_CERT,
    key:  process.env.APN_KEY,
    passphrase: process.env.APN_PASSPHRASE,
    

    Since you can’t set multi-line values for app config in the web interface, you’ll have to use the command line to set APN_CERT and APN_KEY:

    $ heroku config:set APN_CERT="-----BEGIN CERTIFICATE-----
    > MIIDOjCCAiICCQCZTWzQNz6sqTANBgkqhkiG9w0BAQsFADBfMQswCQYDVQQGEwJB
    > VTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0
    ...
    
    Git Baby is a git and github fan, let's start git clone.