4

I have a production instance on Heroku where users go to https://secure.myapp.com for checkout. I used hostname-based SSL because $100 / month just isn't feasible for my client.

Now, I'm in a situation where I need a staging environment (http://myapp-staging.herokuapp.com) and the SSL / subdomain stuff just doesn't work ("secure" replaces "myapp-staging") when going to the checkout, and the SSL cert I purchased won't work since it's keyed to myapp.com.

Can anyone please advise on what the most affordable setup is given this situation?

Thank you!

Trip
  • 26,756
  • 46
  • 158
  • 277
manafire
  • 5,984
  • 4
  • 43
  • 53

1 Answers1

0

If need to replicate your production environment that closely then your only option is to setup and pay for the same SSL that you have in production.

An alternative might be to configure your application so that it's not reliant on 'secure.' and use the piggyback SSL addon.

Neil Middleton
  • 22,105
  • 18
  • 80
  • 134
  • Production requires 'secure' b/c it's the only way to do SSL for a custom domain without paying Heroku $100/month. Guess I'll have to monkey up the [subdomain code](http://railscasts.com/episodes/221-subdomains-in-rails-3?view=asciicast) to change behaviour when the staging environment is detected just to be able to use the piggyback addon. :/ – manafire Mar 07 '12 at 22:47
  • I don't follow. You can run hostname SSL on www, as well as regular HTTP. What's more you can then run staging on www.yourapp.herokuapp.com with no changes already (subdomains can be freely added at will, e.g a.b.c.d.e.f.g.h.yourapp.herokuapp.com will work now too) – Neil Middleton Mar 08 '12 at 00:14
  • 1
    Using your nested subdomain suggestion, I was able to use the Piggyback SSL addon and [this ssl_requirement gem](https://github.com/bartt/ssl_requirement) to get everything working in the staging environment. Thanks! – manafire Mar 10 '12 at 17:35