Menu
I would like to set some SSL certificates for one app I have on heroku (a simple application based on nodeJS + Vue).
I know if I upgrade to the Hobby Plan (7$ for month) I can have it automatically.
But for now it would too much money for a test application, so I am wondering if I can achieve some similar goal also with a Free Plan.
so: Is it possible to set SSL certificate for an app on Heroku JUST with the Free Plan? Maybe in a complicated/tricky way via CLI?
From the Heroku pages and documentation it looks not possible. But I have to ask :)
594
Heroku SSL is a combination of features that enables SSL for all Heroku apps. Heroku SSL uses Server Name Indication (SNI), an extension of the widely supported TLS protocol.
In order to install a certificate on Heroku, you need to have the following files: Certificate file sent by the Certificate Authority once the certificate is issued. You can also download the certificate from your SSLs.com account.
Add Multiple SSL/TLS Certificates to Apps Previously, an app on Heroku could only have one TLS termination certificate. This constraint has been relaxed starting with certificates generated with Heroku ACM.
To use it, there are three simple steps: Acquire an SSL certificate from your SSL provider. Upload the certificate to Heroku. Update your DNS settings to reference the new SSL endpoint.
Here I have a better approach to deal with this. As Heroku Doesn't provide SSL for Free Plan. But You can use Cloudflare which gives free SSL. You can Use Cloudflare As Bridge For SSL.
Requirement:
Step 1: Point Your domain to CloudFlare. You basically open an account an enter your domain when prompted. You may be given instructions to change your domain name servers.
Step 2: Add Cname Record of Heroku Server in DNS of Cloudflare. Instructions are here Here You will get Some SSL Security Issue.
Step 3: Now Change Your SSL/TLS encryption mode to Flexible (Not Full). *Important 
Now Understand the Working:-
Client(Browser) Make Request to https://example.com First, the request reaches the Cloudflare with SSL. (User see encrypted connection to the server.)
Then Cloudflare makes request to Heroku Server(Origin) with Non-SSL (Non-Https and Unencrypted).
Then Heroku Server (Origin) returns the Response with Non-SSL to Cloudflare.
At the end Cloudflare forward the request to Client (Browser.)
You might think, What is the benefit of just encrypting half system. but "Something is better then nothing".
You are here because you don't want to spent money on heroku paid dynos.
This method is better for those who is using http. Atleast it protects the most vulnerable side (client side). Where most of the attack happen. There is very less chances of attack between cloudflare and your server. Because of network reach.
Having less vulnerable probability is better then 100% vulnerable system
I have tested this method and working on https://www.auedbaki.com
196
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
