I’m working on a small side project that requires proper SSL configuration. Since I like using heroku to bootstrap my projects, I thought it would also be a great idea to do that in this case… As it turns out, it was quite a hassle to get it up and running the way I want it to be.
When you create a new app on the cedar stack you get SSL for fee. The only downside here is that this is only true for the your-app.herokuapp.com subdomain that hosts your application. If you want to add SSL to your custom domain it get’s a bit hairy.
Custom Domain SSL
Once you have added your domain to heroku and delegated the the name-server lookup via CNAME, you need to provision a SSL addon that costs $20 per month. This is just for the addon, no batteries included! So you also need to buy a SSL-certificate from the authority of your choice.
This setup is unfortunately not working with my hosting provider domainFACTORY as they allow only subdomains to be aliased via CNAME, the root-domain is not configurable. So you can forward www.yourdomain.de
but not yourdomain.de
.
CloudFlare to the rescue
The CDN provider CloudFlare has free SSL support when using the Pro Plan that also costs $20. This is a bargain compared to the heroku SSL-plugin as CloudFlare has way more use-cases than just SSL.
Configuring the DNS on domainFACTORY is quite simple. Just go to Für Profis > Nameserver-Einstellungen in your admin setup and remove all the DNS entries. Add the CloudFlare name-server settings to the bottom:
DNS + SSL made simple!