Heroku SSL on the root domain

Heroku SSL on the root domain

How to make it works? How to set up Heroku SSL on the root domain? Before you continue to read, here’s what my problem (which may be similar to yours).

One of client’s Rails app running on Heroku, which I’ve handled since 2012, can’t be accessed by https://domain.com.

Yet it’s working when you access it through http://domain.com. With this way, you’ll be redirected to https://www.domain.com. Fyi, https://www.domain.com had been the preferred URL since the web was launched many years ago.

However, when you type https://domain.com, instead of redirecting https://domain.com to https://www.domain.com, the browser will show an error:

Your connection is not private blah blah (you got the idea)

So, that’s the background problem which makes me read the updated Heroku docs about this.

I also stumbled on this Heroku doc, and it’s clearly said:

If you need to support SSL on your root domain you will need to switch to a DNS host that supports CNAME-like records (often referred to as ALIAS or ANAME records).

Ok, I admit that on the DNS Management for that app, I only set up URL redirects/forwarding from domain.com to https://www.domain.com.

The next thing I’ve done is opening the DNS Management service for that app, then remove that URL redirects from domain.com to https://www.domain.com

That’s the first step I’ve done, but of course, it’s not fixing the problem yet.

And here are the next steps I did to make this works, so accessing https://domain.com redirect to https://www.domain.com. The same goes with any path under and it redirects to .

  • Make sure the DNS Management service I used provided either ALIAS or ANAME. Luckily for me, the DNS Management service we use, which is DNSMadeEasy, supported the ANAME. Great!
  • I run Heroku domains -an app_name on my Mac’s terminal and saw the record for www.domain.com there along with its DNSTarget www.domain.com.herokudns.com
  • If you are using Heroku SSL Endpoint, and you saw blah.herokussl.com, then you can continue to follow this SO answer
  • But if it’s still not working for you, you can try the following ways I’ve done:
    • Make sure you removed the URL forwarding from domain.com to https://www.domain.com.
    • Go back to the terminal
    • Run heroku domains:add domain.com -a app_name or you can do this to on Settings tab from your Heroku app inside Heroku's admin dashboard.
    • After that, you should see the new domain is added on your Heroku app, and you’ll see its DNS target like blahblahblah.herokudns.com
    • Add that blahblahblah.herokudns.com as the ANAME or ALIAS record’s target or value, and point it to your domain.com. In my case, I used ANAME because DNSMadeEasy provided that ANAME instead of ALIAS
    • Set the TTL to be low, so in case it’s not working, you won’t have to wait for long before you can see your changes again. I set it for 180.
    • Wait several minutes, in my case, I waited for 10 minutes, and I saw the following URLs are working:
      • http://domain.com redirects to https://www.domain.com
      • https://domain.com redirects https://www.domain.com
      • http://www.domain.com redirects to https://www.domain.com
      • https://www.domain.com is working as usual.

Don’t forget to make sure you had this set up on your productions.rb file.

config.ssl = true

DNS Management Service did not provide either ALIAS or ANAME

I feel sorry for you, but you had no other choice but switching to another service that provided either ALIAS or ANAME.

Here are the DNS Management Service lists I got from Heroku which are supporting ALIAS or ANAME

  1. ALIAS at DNSimple
  2. ANAME at DNS Made Easy
  3. ANAME at easyDNS
  4. ALIAS at PointDNS

Gitpod Cloud IDE: 30% off for first 3 months. CODE: KEVINHQ. Click here