Menu
My DNS has an option to use SHA-1 or SHA-2 for the ssl certificate. Which one should I choose to be compatible with Heroku SSL Endpoint? Does either work?
413
Click “Connection” > Certificate information. In the “Certificate” dialog, click “Details” and select “Signature hash algorithm” and lookout for the value. Click Security tab and “View Certificate” button.
It is worth saying that you need to purchase the SSL Endpoint for your application at Heroku, which costs $20/month. Also, you can have a free certificate installed using the Heroku SSL option. For this to be done, please use the following command: heroku certs:add example.
With Automated Certificate Management (ACM), Heroku automatically manages TLS certificates for apps running on paid dynos on the Common Runtime. Certificates handled by ACM automatically renew one month before they expire, and new certificates are created automatically whenever you add or remove a custom domain.
Heroku SSL is a free feature that allows for the managing of SSL/TLS encryption for custom domains and relies on the Server Name Indication (SNI). Please note that Heroku SSL is currently available under Heroku paid plans only.
Either should be fine. SHA-2 will break IE6, and all versions of IE on Windows
XP prior to SP 3. If you're fine with that, go for it.
-Tom Maher
Heroku Security Team
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With