Heroku multiple SSL endpoints

I recently worked on a project, hosted on Heroku, that required multiple SSL endpoints. The application allows you to set a custom URL for your account. This isn’t exactly straightforward on Heroku. In order to pull this off, I got some help from the Heroku Support team. I’m reblogging here so other folks can benefit.

The problem is that, at the moment, you can only add one SSL endpoint to a Heroku application. This prevents you from being able to have multiple SSL URL’s point to the same Heroku application. However, it turns out you can create an empty Heroku application and add the SSL addon to get another endpoint. Then simply setup the DNS like usual and add the new domain to your original application.


Let’s say tumblr.com is hosted on Heroku. And let’s say I’d like to setup a special page for support, at support.tumblr.com. To do this, we would create a new, empty, Heroku application, add the SSL addon and upload our certs for support.tumblr.com. Heroku would setup a new SSL endpoint for the application and return our new URL for DNS, purple-44.herokussl.com. We would setup a CNAME DNS record from support.tumblr.com to purple-44.herokussl.com, as you would normally do for a new domain on Heroku. The one trick to making this all work is that we add the domain for our custom URL to the our tumblr.com Heroku application, NOT the new support.tumblr.com application.

So, when a request comes in for support.tumblr.com, DNS resolves to purple-44.herokussl.com, and we correctly hit the routing mesh. The routing mesh will lookup which Heroku application to send the request to, see that requests to support.tumblr.com should go to tumblr.com, and route the request accordingly.

This is the hack that allows you to use multiple SSL endpoints on Heroku.

Thanks Heroku support team for the help! I was not excited about having to move to a new hosting provider!