The SSL certificate for my Heroku app is expiring in a few days, and I wanted to see if I could use Dreamhost for Heroku’s SSL certificate. I had previously used GoDaddy, but their certificates cost $49 whereas Dreamhost only cost $15 for a year.
I tried finding documentation online as to whether a Dreamhost certificate will work with Heroku, but I wasn’t able to find much, so I gave it a try myself.
And it turns out that a SSL certificate from Dreamhost does work with Heroku.
Here are the basic instructions for updating a Heroku’s SSL cert with one from Dreamhost.
- Login to Dreamhost’s web panel and purchase an SSL certificate for your domain
- Once the SSL certificate has been granted, you can access it from the Web Panel
- Menu -> Domains -> Secure Hosting
- Find the certificate under ‘Secure Certificates’ section
- Click on the ‘View’ link to the right of the certificate
- Click on the ‘Keys’ tab to see the certificate and private key
- There are 3 parts to the certificate: The certificate itself, the private key, and the intermediate certificate
- Open a text editor and copy the contents of the Certificate to the file
- Then copy the contents of the Intermediate Certificate and paste it to the end of the file
- Make sure there is a blank line between the Certificate and Intermediate Certificate
- Save the file as domain.pem
- Copy the contents of the Prive Key and save it to a separate file named private.key
- Now you’re ready to upload the certicate to Heroku
- First make sure you have the heroku-ssl-doctor plugin installed (note that this plugin will eventually be included in the core heroku toolbelt and will no longer need to be installed separately)
- run heroku plugins to see the list of plugins installed
- If it’s not installed run the following command to install it: heroku plugins:install https://github.com/heroku/heroku-ssl-doctor.git
- this plugin will sort out everything with your certificate and ensure you have a complete trust chain.
- If you don’t have a certificate already installed on heroku, run heroku certs:add domain.pem private.key
- If you already have a certificate installed, run heroku certs:update domain.pem private.key
It might take a couple hours for browsers to recognize the new certificate, but you should be good to go.