Stop pouring through MAN pages and outdated blog posts that don't take into account new requirements.
With our addon, you can go from install to confirmed installation in as little as twenty minutes: using nothing but your browser.
My pretty green SSL lock turned gray in Chrome today. Spent half a day setting that up. Just used Heroku @ExpeditedSSL add-on. 5 mins flat— Joel Hooks (@jhooks) January 23, 2015
I wish we'd discovered @expeditedssl before dealing with all our SSL crap. Great looking service.— nusii (@nusiiapp) July 8, 2014
If I'd had @expeditedssl when I launched each of my products I'd have literally days of my life back. Can't wait for an excuse to use it.— trcull (@trcull) July 9, 2014
Stop wasting time trying to get SSL working on Heroku. Use @ExpeditedSSL and start smiling because you've got the afternoon off!— Charlie Irish (@charlieirish) July 8, 2014
ExpeditedSSL: The Fastest, Easiest way to SSL your Heroku Apps http://t.co/V6bcJP1Ycm— Angelo Iasevoli (@angelo_iasevoli) July 30, 2014
I love you @heroku but SSL and your platform is a nightmare. Just buy the expedited ssl add-on entirely and pull it into the platform— Joel Oliveira (@jayroh) June 13, 2014
@expeditedssl - thank you for letting me not wrangle with SSL certs again!— Barry Welch (@sleep) July 7, 2014
If anyone ever needs to get a SSL working with heroku custom domains I can heartily recommend Expedited SSL add-on— World Of Proper (@worldofproper) July 8, 2014
@ExpeditedSSL I just wanted to say thank you for the super fast hookup on the SSL and support I received!— Don Dikaio (@DonDikaio) July 15, 2014
One of the things I love about heroku and @ExpeditedSSL is I hardly ever have to worry about devopsy kind of stuff anymore.— Ryan Castillo (@rmcastil) July 24, 2014
The most stressed I've been is trying to add SSL certs to Heroku apps. Now, there's an add-on for that: https://t.co/dUhR0tb5mr— Maia Bittner (@maiab) July 30, 2014
.@ExpeditedSSL is worth every penny. Maybe similar automation is available for AWS ELBs…— Chas Emerick (@cemerick) November 11, 2014
Just solved all my Heroku SSL headaches with @ExpeditedSSL and now I never have to install a cert ever again.— Matthew Lehner (@matthewpearse) July 8, 2014
PSA for Heroku users: @ExpeditedSSL is *the* way to get an SSL cert and configure SSL on Heroku. So much easier than before.— Andrew Culver (@andrewculver) July 10, 2014
Just ran through @ExpeditedSSL's setup again and it's even easier than I remember. Doing Heroku SSL manually really is a fool's errand. :-)— Andrew Culver (@andrewculver) July 23, 2014
https://t.co/woNd9OPtYI is a brilliant product for anyone using Heroku to do custom development for clients.— Paul McMahon (@pwim) November 17, 2014
Purchasing and installing a SSL Certificate on your Heroku instance is fraught with peril. You have to make determinations about keysizes, generate CSRs, differentiate between FQDN's and common names and fill out fields on a command line correctly or face rejection in the form of an obscure error message.
Then, even if you've done all that right, you can still easily install the cert in some subtly wrong way that shows everyone who hits your site a terrifying warning message
We've curated a massive list of buildpacks, tips, scripts and shortcuts to maximize your productivity developing on the Heroku platform.
SSL Tests can quickly bog down in pages of technical details. We've got a simple test that you can pass to someone else in your organization to communicate to them the importance of using and addressing SSL issues.
Heroku's Deploy Button launches Github + Bitbucket projects into a new app-instance along with all needed Addons. Our Button Maker makes the process of setting one up even easier.
You may have noticed that the SSL indicator in your browser looks different on some sites than others. This is because SSL certificates are issued at different validation levels. Screenshots of how SSL looks in different browsers.
For something used as commonly as SSL (and our best efforts) - it remains a maddening effort to setup. In part this is due to the technical underpinnings, but also the number of people that you need to interact with within your company to get it setup.
SSLv3 was released over 15 years ago and can no longer be considered secure. Check if your webserver is still using SSLv3 and whether or not it's vulnerable to the POODLE SSLv3 vulnerability.