I’m working on a small side project that requires proper SSL configuration. Since I like using heroku to bootstrap my projects, I thought it would also be a great idea to do that in this case… As it turns out, it was quite a hassle to get it up and running the way I want it to be.
When you create a new app on the cedar stack you get SSL for fee. The only downside here is that this is only true for the your-app.herokuapp.com subdomain that hosts your application. If you want to add SSL to your custom domain it get’s a bit hairy.
Custom Domain SSL
Once you have added your domain to heroku and delegated the the name-server lookup via CNAME, you need to provision a SSL addon that costs $20 per month. This is just for the addon, no batteries included! So you also need to buy a SSL-certificate from the authority of your choice.
This setup is unfortunately not working with my hosting provider domainFACTORY as they allow only subdomains to be aliased via CNAME, the root-domain is not configurable. So you can forward www.yourdomain.de but not yourdomain.de.
CloudFlare to the rescue
The CDN provider CloudFlare has free SSL support when using the Pro Plan that also costs $20. This is a bargain compared to the heroku SSL-plugin as CloudFlare has way more use-cases than just SSL.
Configuring the DNS on domainFACTORY is quite simple. Just go to Für Profis > Nameserver-Einstellungen in your admin setup and remove all the DNS entries. Add the CloudFlare name-server settings to the bottom:
DNS + SSL made simple!