(2 votes, average: 5.00 out of 5)
Loading...
Securing websites with SSL certificates has grown more crucial as more organizations move their operations online. Make sure your website is secure from online attacks if you’re utilizing Heroku as your web hosting platform. Although installing an SSL certificate on Heroku can appear difficult, it’s rather simple.
To secure your website and offer your customers confidence, we’ll walk you through the SSL installation steps on Heroku in this blog.
Generate CSR and Private Key
Before anything else, you must generate a CSR code. With our CSR generator tool, the process is quick & doesn’t require you to be an expert in SSL or Heroku. Or, perform these steps to Generate CSR on Heroku.
The next step is to access the .csr file after the code has been generated. A text editor can do it. Copy the full text, including the tags —-BEGIN NEW CERTIFICATE REQUEST—- and —-END NEW CERTIFICATE REQUEST—-, after it has been opened. When placing your order for an SSL certificate, you will require this.
Depending on the certificate you choose, the procedure could take a few seconds or up to five or seven business days. The Certificate Authority will provide you with all the certificate files after your verification is complete. Now you may start the installation process.
Steps to Install SSL on Heroku
To install an SSL certificate on Heroku, you’ll need the main certificate file (usually with a .crt extension), the CA Bundle file containing root and intermediate certificates, and the private key file that was generated with the CSR on the same server.
Once your Certificate Authority has validated your SSL request, you’ll receive these files in your inbox. The first step of the installation process is creating an SSL endpoint on Heroku.
If you use Heroku, you might be familiar with the SSL Endpoint add-on, as installing an SSL certificate for your app was once required. But, since their membership plans now include HerokuSSL, a new free utility, you may handle SSL encryption for your custom domains without having to pay an additional charge.
We’ll walk you through the installation processes for both HerokuSSL and SSL Endpoint so you can choose the option that best satisfies your needs.
The primary certificate and the CA Bundle need to be combined into a single file before you can continue with the installation process. If you wish to accomplish it manually, use any plain text editor > open the .crt and .ca-bundle files > paste the contents of the .ca-bundle file underneath the contents of the .crt file.
You must make sure there are no spaces between the codes, though.
If you don’t want the manual way, you can execute the following command on the command line to easily join the files:
cat yourcertificate.crt bundle.ca-bundle > server.crt
HerokuSSL allows for easy installation of SSL certificates via either the Dashboard or CLI. The Dashboard method is quick and simple. Let’s start with that.
Note: To create a CNAME record for your custom domain/subdomain on Heroku, you need to set the Host value (also called ‘Name’) as your domain/subdomain and the Target value (also called ‘Points to’) as your-domain/subdomain.herokudns.com.
Here’s an example: your-domain.com CNAME your-domain.com.herokudns.com or www.your-domain.com CNAME www.your-domain.com.herokudns.com.
You have successfully installed an SSL certificate on Heroku.
Another method of installing SSL is via Heroku Dashboard.
heroku certs:add server.crt server.key
heroku certs:add server.crt server.key --app yourappname
heroku certs:info
Note: Sometimes, while uploading the certificate, users have complained about receiving an “Internal server error.” An outdated CLI version could be one of the major reasons for it so updating it, to its latest version will troubleshoot the error.
To install the SSL certificate on SSL Endpoint, you need to create one first. Begin by running the following common d in your local environment prompt:
$ heroku addons:create ssl:endpoint
$ cat your-domain.crt bundle.crt > server.crt
This will combine the certificate files into a single file for use with your SSL endpoint.
$ cat your-domain.crt bundle.crt > server.crt
The output will show the details of your SSL certificate, including the hostname selected for your SSL endpoint and its expiration date. It may take up to 30 minutes (or sometimes up to 2 hours) for the endpoint creation to complete.
$ heroku domains:add www.your-domain.com
Running this command will add the domain to your app and display a confirmation message as
Adding www.your-domain.com to yourdomain… done
Record type – CNAME
Name – www
Target – your-domain.herokussl.com
For Wildcard Certificates, create a similar record:
Record type – CNAME
Name – *
Target – your-domain.herokussl.com
When setting a CNAME record for the root (@) domain, it will override all other records set up for the domain. Therefore, it’s essential to ensure that your certificate covers the subdomain if you want to create a CNAME for a subdomain such as www.your-domain.com, subdomain.your-domain.com, or *.your-domain.com.
That’s it! You have successfully finished the installation of SSL on Heroku. If you want to get a status report of it, you can always go for SSL Checker tool. It will make sure your SSL installation is running smoothly.
At Certera, we believe that securing your website and online transactions should be simple, hassle-free, and affordable. That’s why we offer a wide range of SSL certificates for Heroku, including DV SSL, OV SSL, and EV SSL Certificates, from basic to advanced, to fit the unique needs of your business. Our SSL certificates come with advanced features, including unlimited server licenses, strong encryption, & fast issuance so that you can secure your website in just minutes.