Getting and running with SSL has always been expensive. Heroku for the longest time charged $20 a month to have a custom domain with SSL, and then it usually cost a lot of money to just buy a yearly cert (anywhere from $9 to $100 or more).
Earlier this week, I ran across Let's Encrypt with a Rails app on Heroku. This article is great. It shows you how to take a Let's Encrypt certificate, which are free, and add it to the $20 SSL on heroku.
Heroku calls this $20 a month SSL, SSL Endpoint. They now have a free SSL option called Heroku SSL. Heroku SSL is free if you pay for a dyno, so that means SSL on a custom domain is now $7 a month instead of $20! You lose support for older versions of Android and Windows, but in general, those versions are not really used, and are worth the cost savings!
Here is a list of commands I ran to get giftionary.city running with this new discounted option:
brew install certbot
sudo certbot certonly --manual
- Verified my domains by deploying new static pages to my heroku app. One for each cert (www.giftionary.city and giftionary.city).
sudo heroku certs:add /etc/letsencrypt/live/giftionary.city/fullchain.pem /etc/letsencrypt/live/giftionary.city/privkey.pem --type=sni
- Then I went and updated my DNS! Sadly my DNS provider doesn't support ALIAS records, so giftionary.city's cert doesn't work, but www.giftionary.city's does.
Pretty easy and fast way to get a cert. It expires in three months, which is kind of rough, but for free, I'm willing to deal with that.
- Old world per year: ($20 * 12) + $100 = $340
- New world per year: $7 * 12 = $84
I hope this helps!
p.s. Check out my post on how to update your cert once it expires in three months.