#619 /

Cheaper SSL on Heroku

By Nat Welch

Getting and running with SSL has always been expensive. Heroku for the longest time charged $20 a month to have a custom domain with SSL, and then it usually cost a lot of money to just buy a yearly cert (anywhere from $9 to $100 or more).

Earlier this week, I ran across Let’s Encrypt with a Rails app on Heroku. This article is great. It shows you how to take a Let’s Encrypt certificate, which are free, and add it to the $20 SSL on heroku.

Heroku calls this $20 a month SSL, SSL Endpoint. They now have a free SSL option called Heroku SSL. Heroku SSL is free if you pay for a dyno, so that means SSL on a custom domain is now $7 a month instead of $20! You lose support for older versions of Android and Windows, but in general, those versions are not really used, and are worth the cost savings!

Here is a list of commands I ran to get giftionary.city running with this new discounted option:

  • brew install certbot
  • sudo certbot certonly --manual
  • Verified my domains by deploying new static pages to my heroku app. One for each cert (www.giftionary.city and giftionary.city).
  • sudo heroku certs:add /etc/letsencrypt/live/giftionary.city/fullchain.pem /etc/letsencrypt/live/giftionary.city/privkey.pem --type=sni
  • Then I went and updated my DNS! Sadly my DNS provider doesn’t support ALIAS records, so giftionary.city’s cert doesn’t work, but www.giftionary.city’s does.

Done!

Pretty easy and fast way to get a cert. It expires in three months, which is kind of rough, but for free, I’m willing to deal with that.

  • Old world per year: ($20 * 12) + $100 = $340
  • New world per year: $7 * 12 = $84

I hope this helps!

/Nat

p.s. Check out my post on how to update your cert once it expires in three months.