Update SSL certificate on Heroku from DNSimple
This gem provides heroku-dnsimple-cert executable script to upload SSL certificate from DNSimple to Heroku application.
Automated Certificate Management is enabled by default for all applications created after March 21, 2017 that are running on Hobby or Professional dynos.
Issue certificate on DNSimple for the first time and enable auto-renew:
https://support.dnsimple.com/articles/ordering-lets-encrypt-certificate/
Change your DNS for domain on your app www.yourdomainname.com.herokudns.com:
https://devcenter.heroku.com/articles/ssl#change-your-dns-for-all-domains-on-your-app
Generate Heroku auth token:
heroku plugins:install heroku-cli-oauthheroku authorizations:create -d "letsencrypt-heroku"
Generate DNSimple auth token:
https://support.dnsimple.com/articles/api-access-token/
When certificate will be issued on DNSimple you need to run script to setup it to the Heroku application:
heroku-dnsimple-cert update \--dnsimple-account-id=DNSIMPLE_ACCOUNT_ID \--dnsimple-common-name=DNSIMPLE_COMMON_NAME \--dnsimple-domain=DNSIMPLE_DOMAIN \--dnsimple-token=DNSIMPLE_TOKEN \--heroku-app=HEROKU_APP \--heroku-token=HEROKU_TOKEN
You can configure these environment variables in .env or whatever you use,
so that heroku-dnsimple-cert will use them by default:
DNSIMPLE_TOKEN=DNSIMPLE_ACCOUNT_ID=DNSIMPLE_DOMAIN=DNSIMPLE_COMMON_NAME=HEROKU_TOKEN=HEROKU_APP=
At this point, you can verify that your application is serving your certificate by running:
openssl s_client -connect <dns target>:443 -servername <your domain># e.g. openssl s_client -connect www.example.com.herokudns.com:443 -servername www.example.com
To enable certificate renew for Rails applications:
bin/build checks your specs and runs quality toolsbin/quality based on RuboCop.rubocop.yml describes active checksRuby Base is maintained by Timur Vafin.
It was written by Flatstack with the help of our
contributors.
