What steps do I need to take to move my normal node.js application into a state where it is secure on my custom domain? When I visit my heroku application example.herokuapp.com, the connection is secure across https://.
When I forward that heroku domain to my own site however www.example.com, it shows a warning that the connection is not secure.
Are there any articles online that have answered this question? I cannot seem to find any information on what steps to take. Thanks all
On
The steps for setting up custom domain SSL with your Heroku app are as follows:
1- Add your SSL add-on:
$ heroku addons:add ssl
2- Add the certificate to your app
Using the certificate you generated in the previous step, upload it to Heroku:
$ heroku certs:add server.crt server.key
3- Configure DNS
Add a CNAME record in the DNS configuration that points from the domain name that will host secure traffic e.g. www.yourdomain.com to the SSL endpoint hostname, e.g. example.herokussl.com. Consult your DNS provider for instructions on how to do this. The target should be the fully qualified domain name for the SSL endpoint associated with the domain.
You will find further information in Heroku Dev Center:
On
Use Expedited CDN add-on and you can force for https for free.
First you need to be in at least hobby plan.
Need to add automated Automated Certificate Management (ACM) and your custom domain/s.
You can add Expedited CDN from resources tab of your project and its free.
Then visit Expedited CDN and configure DNS as mentioned there its easy and hassle free just follow the steps, trust me it will work.
I have provided some screenshots only for reference.
It has lot of additional features you might be looking.
Assuming you have the hobby or professional account, run the following command to get the automated certificate management (ACM) to work:
heroku certs:auto:enable -a <app name>https://devcenter.heroku.com/articles/automated-certificate-management