The SSL certificate for my Heroku app is expiring in a few days, and I wanted to see if I could use Dreamhost for Heroku’s SSL certificate.  I had previously used GoDaddy, but their certificates cost $49 whereas Dreamhost only cost $15 for a year.

I tried finding documentation online as to whether a Dreamhost certificate will work with Heroku, but I wasn’t able to find much, so I gave it a try myself.

And it turns out that a SSL certificate from Dreamhost does work with Heroku.

Here are the basic instructions for updating a Heroku’s SSL cert with one from Dreamhost.

  1. Login to Dreamhost’s web panel and purchase an SSL certificate for your domain
  2. Once the SSL certificate has been granted, you can access it from the Web Panel
    1. Menu -> Domains -> Secure Hosting
    2. Find the certificate under ‘Secure Certificates’ section
    3. Click on the ‘View’ link to the right of the certificate
    4. Click on the ‘Keys’ tab to see the certificate and private key
  3. There are 3 parts to the certificate: The certificate itself, the private key, and the intermediate certificate
  4. Open a text editor and copy the contents of the Certificate to the file
  5. Then copy the contents of the Intermediate Certificate and paste it to the end of the file
    1. Make sure there is a blank line between the Certificate and Intermediate Certificate
  6. Save the file as domain.pem
  7. Copy the contents of the Prive Key and save it to a separate file named private.key
  8. Now you’re ready to upload the certicate to Heroku
  9. First make sure you have the heroku-ssl-doctor plugin installed (note that this plugin will eventually be included in the core heroku toolbelt and will no longer need to be installed separately)
    1. run heroku plugins to see the list of plugins installed
    2. If it’s not installed run the following command to install it: heroku plugins:install
    3. this plugin will sort out everything with your certificate and ensure you have a complete trust chain.
  10. If you don’t have a certificate already installed on heroku, run heroku certs:add domain.pem private.key
  11. If you already have a certificate installed, run heroku certs:update domain.pem private.key

It might take a couple hours for browsers to recognize the new certificate, but you should be good to go.