Encrypted communication is now the norm for applications on the Internet. At Heroku, part of our mission is to spread encryption by making it easy for developers to setup and use SSL on every application. Today we take a big step forward in that mission by making Heroku SSL generally available, allowing you to easily add SSL encryption to your applications with nothing more than a valid SSL certificate and custom domain.
Heroku SSL is free for custom domains on Hobby dynos and above and relies on the SNI (“Server Name Indication”) extension which is now supported by the vast majority of browsers and client libraries. The current SSL endpoint will remain available for the increasingly rare instances where your applications need to support legacy clients and browsers that do not support SNI.
We had an overwhelmingly positive response to our Beta launch, and are looking forward to having more and more users and teams use the new SSL service.
The first step for using Heroku SSL is getting an SSL certificate. Upload the certificate either via the dashboard on your application’s settings page or from the CLI. With this release we’ve made it even easier to complete the SSL certificate setup process in Dashboard :
To upload via the CLI, use the Heroku certs command as following:
$ heroku certs:add example.pem example.key
Note that our previous add-on, SSL Endpoint, will continue to exist. However, we highly recommend that you switch to Heroku SSL as we will be rolling out exciting new features to it over the coming months. In case you currently have an SSL Endpoint and would like to switch, we have some guidelines here on how to migrate from SSL Endpoint to Heroku SSL.
We hope these changes make security on Heroku more solid and easier to access and set up for all users . Your feedback is welcome and highly appreciated. Please write to us by selecting product feedback here: Product Feedback.