SSL for custom domain on free-tier Heroku can be done with proper Cloudflare settings

In short, you don't need an SSL certicate on Heroku at all, but

Cloudflare settings need to be

• SSL/TLS encryption mode is Flexible.
• Page Rules. You can only set 3 for free for a given domain name.
  • *.your.tld/*
    • Always Use HTTPS

It is related to this post, where he uses WordPress (and the correlated MySQL / AWS S3.)

Complete Guide To Hosting Wordpress On Heroku With SSL Certification

aryaziai ・ May 26 ・ 7 min read

#heroku #wordpress #cloudflare #hosting

I am going to ditch Google Cloud Run for Heroku for now. I still get full power of Docker, with no problem of custom domain mapping (and avoid some meager payment, not free).

This website, with CORS-enabled public OpenAPI, actually. (Some other securities I put in are Helmet and Rate-Limiting, as well as database user being read-only.)

patarapolw / jpapi

An OpenAPI for Japanese with CORS enabled with full MongoDB query language

Comments

[Irvan Fauziansyah]

Thanks dude, you really saved my day! After hours of setting up custom domain and SSL, I was almost frustrated to find this message from my last hope.

▸ You need to be running on either Hobby or Professional dynos to be able to use SNI SSL.