1

I am using Heroku with RoR and Puma for my webserver. I am not using a custom domain (myapp.herokuapp.com). I want to add SSL support. Should I add the certificate to my repo and commit it with the config/puma.rb file that refers to them? It seems insecure to have my certificate in git.

Based on this I need to add a line like this:

bind 'ssl://127.0.0.1:9292?key=path_to_key&cert=path_to_cert'
Community
  • 1
  • 1
Eric
  • 5,815
  • 3
  • 25
  • 34
  • The certificate will be needed on heroku anyway, otherwise the server won't be able to use it to sign your requests. I think the best option for you would be to have the certificates only on the branch that goes to heroku and not on the one in your git repository. This way you will have it only where it belongs. – Fabricio Buzeto Dec 03 '14 at 17:08

1 Answers1

0

If you aren't using a custom domain you can piggy back on heroku's certificate.

Basically you can just run 

heroku addons:add ssl:piggyback

If you decide to start using a custom domain and want to use your own certificate then you need to use the ssl-endpoint add on. It's fine to commit your certificate to source control IMO. So long as it's not a public repository.

Jim Jeffries
  • 9,841
  • 15
  • 62
  • 103