Free SSL with Heroku, Cloudflare, and Google Domains
Recently, I went through the process of deploying a small Rails application on Heroku and registering a custom domain with Google Domains for it. In today’s web, HTTPS encryption is a must have, and I wanted it for my site.
Heroku offers Automated Certificate Management for a small monthly cost, but I didn’t want to pay. Instead, I used Cloudflare’s Free SSL/TLS protection and configured Heroku myself. These are the steps I took to configure Heroku and Google Domains to get free SSL through Cloudflare!
Add Custom Domains to Heroku App Settings
Log in to Heroku and go to Settings -> Domains for the application. Add two custom domains:
There’s an entry for the domain with "www"
in front of it, and one without. Each of the entries has a DNS Target created for it. Take note, because these are used in Cloudflare.
Add Heroku DNS Entries to Cloudflare Domain
Log in to Cloudflare and click Manage for an existing domain (or create a new one). At the top of the DNS settings dashboard, there is a section for adding DNS entries. Add two new entries:
The IPv4 Address fields for each of the DNS entries correspond with the DNS Targets of the custom domains in Heroku. The entry named "www"
uses the DNS Target of the custom domain with "www"
in the front of the domain name.
Find Cloudflare Nameservers
Below the DNS records, there is a section named Cloudflare nameservers:
These nameservers need to be set in Google Domains.
Add Cloudflare Nameservers to Google Domains
Log in to Google Domains and click Manage for an existing domain (or register a new one). Navigate to DNS -> Name servers and select Use custom name servers
. Add two entries for each of the nameservers listed in Cloudflare:
In Google Domains, the DNS entries take between several minutes and up to 48 hours to update.
Set Cloudflare’s SSL Settings
Back in Cloudflare, go to SSL/TLS -> Overview and select Flexible
for the encryption mode:
Go to Edge Certificates and flip the switch for Always Use HTTPS to On
.
Once these settings are updated, it takes between several minutes and up to 24 hours for the changes to reflect.
Conclusion
If everything is set up correctly, the Heroku application will be available at "another-cool-domain.com"
. It will also automatically redirect to "https://another-cool-domain.com"
!