Cheap SSL certification for an app hosted on Heroku

Question

I have a Rails app on Heroku and I would need to add there a SSL certificate. In the Heroku add-ons section I see that is possible to buy on Heroku add-on, but the price is $20/month, which is $240 and I cannot afford it at the moment.

Is there any cheaper way to get an SSL for a Heroku app?

Answer 1

We've installed our SSL certificate on a DigitalOcean.com instance running Nginx as a reverse proxy.

Trade-offs include a bump in latency and paying for bandwidth overages but those haven't been issues for us.

Here is a basic Nginx config similar to ours:

server {
    listen 80;
    rewrite ^ https://www.example.com$request_uri? permanent;
}

# HTTPS server
server {
    listen 443;

    ssl on;
    ssl_certificate /root/example.crt;
    ssl_certificate_key /root/example.key;

    ssl_session_timeout 5m;

    ssl_protocols SSLv3 TLSv1;
    ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
    ssl_prefer_server_ciphers on;

    location / {
        proxy_pass   https://example.herokuapp.com/;
    }
}

This is a basic example and could be made a little more secure (possibly forcing SSL in your app) but this gets you started.

This also gives you the opportunity to speed up your app by creating a cache or serving the app's static assets. You could upload your precompiled assets and have Nginx serve them like this:

location  /assets/ {
    root  /path-to/assets/;

    expires 1y;
    add_header Cache-Control public;
}

EDIT: July 2017

My, how things have changed. There are a lot of low/no cost solutions for this now. Cloudflare is a great option.