Skip to content
master
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
bin
 
 
exe
 
 
lib
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

README.md

Upload Certificate from DNSimple to Heroku

This gem provides heroku-dnsimple-cert executable script to upload SSL certificate from DNSimple to Heroku application.

Heroku do the same thing NOW

Automated Certificate Management is enabled by default for all applications created after March 21, 2017 that are running on Hobby or Professional dynos.

What it does

  • Fetch certificate from DNSimple via API
  • Add or update certificate on Heroku via API

How to prepare

Issue certificate on DNSimple for the first time and enable auto-renew: https://support.dnsimple.com/articles/ordering-lets-encrypt-certificate/

Change your DNS for domain on your app www.yourdomainname.com.herokudns.com: https://devcenter.heroku.com/articles/ssl#change-your-dns-for-all-domains-on-your-app

Generate Heroku auth token:

heroku plugins:install heroku-cli-oauth
heroku authorizations:create -d "letsencrypt-heroku"

Generate DNSimple auth token: https://support.dnsimple.com/articles/api-access-token/

Installation

When certificate will be issued on DNSimple you need to run script to setup it to the Heroku application:

heroku-dnsimple-cert update \
  --dnsimple-account-id=DNSIMPLE_ACCOUNT_ID \
  --dnsimple-common-name=DNSIMPLE_COMMON_NAME \
  --dnsimple-domain=DNSIMPLE_DOMAIN \
  --dnsimple-token=DNSIMPLE_TOKEN \
  --heroku-app=HEROKU_APP \
  --heroku-token=HEROKU_TOKEN

You can configure these environment variables in .env or whatever you use, so that heroku-dnsimple-cert will use them by default:

DNSIMPLE_TOKEN=
DNSIMPLE_ACCOUNT_ID=
DNSIMPLE_DOMAIN=
DNSIMPLE_COMMON_NAME=
HEROKU_TOKEN=
HEROKU_APP=

At this point, you can verify that your application is serving your certificate by running:

openssl s_client -connect <dns target>:443 -servername <your domain>
# e.g. openssl s_client -connect www.example.com.herokudns.com:443 -servername www.example.com

Auto-renewal

To enable certificate renew for Rails applications:

  • Add gem "heroku_dnsimple_cert" into Gemfile
  • Setup required env variables on Heroku
  • Add Daily Job to Heroku Scheduler: if [ "$(date +%d)" = 01 ]; then bin/rake heroku_dnsimple_cert:update; fi

Develop

  • bin/build checks your specs and runs quality tools
  • bin/quality based on RuboCop
  • .rubocop.yml describes active checks

Credits

Ruby Base is maintained by Timur Vafin. It was written by Flatstack with the help of our contributors.

About

Update SSL certificate on Heroku from DNSimple

Topics

Resources

License

Packages

No packages published
You can’t perform that action at this time.