How do I securely store a .pem file when working with git-tracked heroku project?

I’ve got a git-tracked repo and am setting it up to work with APN for IOS push notifications. I’m looking at implementing the npm module https://github.com/argon/node-apn in a similar way as here: https://github.com/hollyschinsky/PushNotificationSample

In this code, there is

  • Is it possible to use winmerge to view git diffs from cygwin?
  • Installing Rails Plugin Requires Git?
  • Resolving Git merge conflicts
  • Select Git branch for TeamCity Build
  • How to list files that have been created/removed between given commits
  • What is the practical difference between `git rm --cached`, `git reset --` and `git reset HEAD` to unstage changes?
  • var options = {
        gateway: 'gateway.sandbox.push.apple.com', // this URL is different for Apple's Production Servers and changes when you go to production
        errorCallback: callback,
        cert: 'your-cert.pem', // ** NEED TO SET TO YOURS - see this tutorial - http://www.raywenderlich.com/32960/apple-push-notification-services-in-ios-6-tutorial-part-1
        key:  'your-key.pem',  // ** NEED TO SET TO YOURS
        passphrase: 'your-pw', // ** NEED TO SET TO YOURS
        port: 2195,                       
        enhanced: true,                   
        cacheLength: 100                  
    }
    

    However, how am I meant to reference my .pem files without committing them to Github?

    At the moment, I’m deploying to Heroku.

  • Display current GIT branch in visual studio?
  • Limit depth of .gitignore
  • How does git-receive-pack work?
  • Is there a way to rollback my last push to Git?
  • Why does Gerrit show a different number of changes than git does?
  • Automatically set upstream after pushing a new branch
  • One Solution collect form web for “How do I securely store a .pem file when working with git-tracked heroku project?”

    Do this via Heroku’s (environment) config variables.

    If you’re using node-apn or something similar, you should be able to pass in the certificate and key content instead of a path. Use ENV vars to pass in that the key content, as recommended by Heroku.

    cert: process.env.APN_CERT,
    key:  process.env.APN_KEY,
    passphrase: process.env.APN_PASSPHRASE,
    

    Since you can’t set multi-line values for app config in the web interface, you’ll have to use the command line to set APN_CERT and APN_KEY:

    $ heroku config:set APN_CERT="-----BEGIN CERTIFICATE-----
    > MIIDOjCCAiICCQCZTWzQNz6sqTANBgkqhkiG9w0BAQsFADBfMQswCQYDVQQGEwJB
    > VTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50ZXJuZXQgV2lkZ2l0
    ...
    
    Git Baby is a git and github fan, let's start git clone.