How do I disable HTTPS on Heroku

ssl heroku https subdomain cname
15,779

Unfortunately, you can't prevent someone from attempting to access your site via SSL. That is to say that anyone can simply add https to to beginning of ://site.example.com. I would recommend that you open a support ticket to allow the Support team to look into your current configuration. Unfortunately, the Piggyback SSL that exists at *.herokuapp.com for Cedar apps bleeds through unless you have your own SSL certificate that is specified using the ssl:endpoint add-on.

The fact is, even if the Piggyback SSL wasn't in place, your visitors would still receive an error when going to the SSL version of your site. You might consider purchasing a seriously cheap SSL cert from some place like Namecheap (looks like you can pick up a super-simple cert for $8/yr) JUST to get rid of the errors. You can then enforce redirection to the non-SSL version of your site and all is well!

Share:
15,779
am-rails
Author by

am-rails

Updated on June 04, 2022

Comments

  • am-rails
    am-rails almost 2 years

    I created a site and put it on Heroku. I then added a custom domain (e.g. "site.example.com") in the Heroku control panel and I pointed the DNS to my Heroku address. This works fine, but when I visit the site, I get a big browser warning, saying the certificate is for herokuapp.com, not for "site.example.com". How do I turn off HTTPS or fix it in some other way? (I don't need my own SSL certificate for the site.)

    Note: It's not Heroku's fault if your app is forcing people onto SSL. Check production.rb to make sure it doesn't say:

    config.force_ssl = true

    If it does, change it to false:

    config.force_ssl = false
  • Photonic
    Photonic over 8 years
    That wont work on Chrome, as heruko will just force it back to https
  • omeganebula
    omeganebula over 8 years
    @Photonic: I have tried using it in my heroku app and it did work. Checked with Chromium 45 on a linux machine.
  • Jagger
    Jagger over 7 years
    This does not work. I am using Firefox and Heroku seems to fall back each time to https and there is an infinite loop coming from such an implementation of onload event.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

heroku: set SSL certificates on Free Plan?
How to make python on Heroku https only?
Multiple subdomains with SSL under IIS
Heroku SSL added but visiting domain still says connection is not private
How to test https rest webservice in postman
how SSL & cookies work?
Getting a certificate from an https site
Cannot open SSL Key File in Node server - ENOENT
OS X 10.11.6 El Capitan SSLRead() return error -9841
Comodo SSL: ERR_CERT_AUTHORITY_INVALID on Chrome mobile and Opera mobile (Android)