I've got a heroku free plan, which is running on a custom domain with the PointDNS add-on so it can provide nameservers for DNS provider, if that matters.
I've got the website up and running on my custom domain, on https, but the ssl certificate points to *.herokuapp.com.
I suppose I need another SSL certificate for my custom domain, but after looking around for a long while I still couldn't find anything that doesn't require a paid heroku plan.
Is it even possible to add an ssl certificate, on a free heroku plan, on a custom domain? If so, please help me out.
I'm really over my head here and my knowledge about anything-ssl or dns is very limited.
From the PointDNS add-on doc (https://devcenter.heroku.com/articles/pointdns), I don't see how you can do this easily.
But, if you have purchased the domain (and not ddns), this should be pretty easy with cloudflare.
Setting up a Custom Domain name and FREE SSL certificate for Heroku Apps
Add DNS record to point to your site and redirect to heroku.
Enable the Crypto certificate, after this the certificate will be automatically distributed by Cloudflare.
Related
DNS beginner here so bear with me-- I have a small heroku node app and I can't afford the $7/m hobby plan that you need to auto generate an SSL certificate. I have a custom domain from AWS Route 53 that points to the app, but only the www. address works, not the https:// address, I gather because I don't have the SSL certificate.
I saw that there were some cloudfront hacks (2) but mixed reviews about whether they work, and they sound a bit too complicated for me, a beginner.
Are there any workarounds? Like, could I have my https:// AWS address just redirect to the www. one? Could I wrap the ssl'd heroku app in an iframe? Or are there other heroku jamstack type alternatives that offer more inexpensive SSL certificates?
You could potentially use CloudFlare's free SSL with heroku, here is a blog post that goes through the process.
I have a website called http://jobdirecto.com/ that I want to turn into HTTPS.
The site is hosted in Heroku and the domain I got from Namecheap.
I got the paid version of Heroku since that lets me configure the SSL (and I think that's what I have to configure to make it HTTPS). They ask me for a "public certificate" that I don't have though.
I also bought a SSL from SSLs.com and they gave me a private key but no public certificate.
I am lost in what I have to do now to make my website secure.
There's no need to purchase anything. Use Heroku's Automated Certificate Management, which is powered by Let's Encrypt:
Run heroku domains and make note of the .herokudns.com domain it lists
Set up a CNAME record for your custom domain pointing to the .herokudns.com domain from the previous step
Run heroku certs:auto:enable to start the certficate provisioning process
Run heroku certs:auto to see your certificate's status
Please note that
It usually takes between 45 and 60 minutes to generate a TLS certificate for your app’s custom domains
This will let your site run over HTTPS, but it won't automatically redirect requests from HTTP to HTTPS. To do that we'll need to know more about your application.
I've been looking up how to create a SSL certificate for my fileserver subdomain on GoDaddy. Unfortunately, this is not a service they offer as a company. From what I've read, it seems the best option is to create a virtual server and generate one that way which I have never done before and don't exactly have the time to create.
Any other options or suggestions?
If you are using a VPS, you can install Let's Encrypt. How to install and setup let's encrypt on domain or subdomain, you can give a look to tutorial
How to get FREE SSL certificate for any website?
there a several questions for Heroku, Cloudflare and DNS but doesn't match mine. I've configured Heroku with automated certificate management (ACM) and Cloudflare of course is configured to serve SSL from itself. With this I want to ensure, that requests are also encrypted between Cloudflare and Heroku.
SSL works perfect for the Client. Problem is, that Heroku can't verify the DNS settings from Cloudflare (which is documented from Heroku as ACM isn't working with Cloudflare this way). Of course I could disable it, but then the traffic isn't encrypted anymore between Heroku and Cloudflare, which would be the worst case.
Someone knows how I solve this and ensure the entire communication between my Heroku Apps, Cloudflare and the Client is encrypted?
That would be great, I look forward to your answers/questions.
Okay, after a few more researches I guess got the solution. In my case with Cloudflare, Heroku doesn't work with ACM in paid plans above Hobby dynos (as said from Heroku itself). Even the option to generate "Origin Certificates" on Cloudflare and put them into your Dyno config isn't working (tried with an ECDSA one).
It's possible to pay Heroku to be able to modify the SSL Endpoint with the "SSL Endpoint Add-on" (20$/mo) and modify Heroku in the way it works, which isn't an option to me.
Update: I the meantime Heroku did update the SSL behavior and you're able to upload an origin certificate (from Cloudflare for instance).
I am new to SSL concept. I am having a Rails 3.2 application running on heroku.
Can anyone please clarify me about the following things:
If I am having a heroku application "http://example.herokuapp.com", can I add SSL certificate to it without having any own domain (like www.example.com). If so, could you please provide a reference url to that process.
If the above thing is possible, in future if I own a domain (like www.example.com), can I add the same SSL certificate to that domain. Or I need to have a new SSL certificate for it. Or pointing secured (https) url of that application to the new domain (like www.example.com) is sufficient?
Thanks in advance.
Regards,
K. Subrahmanyam
You don't have to buy or add anything to use SSL and HTTPS on the .herokuapp.com subdomain, it comes with piggyback-SSL for free out of the box. I.e.: https://example.herokuapp.com/
If you add a custom domain and want SSL on that, you also have to buy a certificate for the domain and add the relevant add-on. That's documented on Dev Center.