Heroku SSL Certificate Addition

Heroku SSL Certificate Addition

If you own an account with DNSimple, then you certainly know how beneficial DNSimple is. If you do not have an account, then you better sign up for one now. To sign up, you just have to visit the website of DNSimple and then refer to the link on the upper right hand corner of the site that says “Get Started”. When you click that, you will be taken to a new page. Enter your email address, come up with a password and then confirm the password. After that, click the box that says “Join DNSimple.” When you are signed up, refer to the tips below on the Heroku SSL Certification Addition.

Purchase an SSL Certificate from GoDaddy

First of all, you need to purchase an SSL Certificate from GoDaddy. Simply refer to the option to manage interface and choose the domain that you’re looking to purchase and click “buy an SSL Certificate”. Follow the rest of the instructions. Remember that you can also let GoDaddy create a private key as well as a certificate signing request for you, if you are not that paranoid about your private key and CSR getting compromised. Don’t worry, for you can certainly erase the private key out of the GoDaddy servers as soon as possible, right after you have saved it to a well secured place.

In a short while, you will then receive certain emails that contain the new SSL Certificate. There will be a resulting wildcard certificate that will come from Comodo.

Construct the Public Certificate Chain PEM file

Along with the SSL Certificate, you will be sent a zip file that contains the Root CA certificate as well as some intermediate CA certificates. But right before the certificate can be uploaded to Heroku, the files must first be concatenated together in order to create a certificate chain. Make sure that you concatenate the files on the proper order, beginning with your certificate and then ending right at the root cert. Or else, Heroku won’t be able to distinguish the outcome as public key certificate.

Include the SSL Endpoint Add-on to Your App

After you build the public certificate chain PEM file, the next step is to add the “SSL Endpoint Add-on” into your app. It should show as “$ heroku addons:add ssl:endpoint”. In case you didn’t know, the SSL Endpoint is a paid add-on service. Make sure to keep this in mind if you are provisioning the service.

Put Up your SSL Cert and Private Key to Heroku

Finally, you are now on the process of uploading the SSL Cert as well as the private key. To upload the SSL Certificate as well as the Private Key to Heroku, the command should show as “$ heroku certs:add STAR_yourdomain_com-bundle.pem STAR_yourdomain_com-private.k”. After this, you are done with the process. If you are required to update an existing cert, then make use of this command – “cert:update”. If you do this, there is no longer a need for you to update your DNS settings. The command goes like this, “$ heroku certs:update STAR_yourdomain_com-bundle.pem STAR_yourdomain_com-private.key”.

 

Previous post:

Next post: