How do I disable HTTPS on Heroku
Unfortunately, you can't prevent someone from attempting to access your site via SSL. That is to say that anyone can simply add https
to to beginning of ://site.example.com
. I would recommend that you open a support ticket to allow the Support team to look into your current configuration. Unfortunately, the Piggyback SSL that exists at *.herokuapp.com
for Cedar apps bleeds through unless you have your own SSL certificate that is specified using the ssl:endpoint add-on.
The fact is, even if the Piggyback SSL wasn't in place, your visitors would still receive an error when going to the SSL version of your site. You might consider purchasing a seriously cheap SSL cert from some place like Namecheap (looks like you can pick up a super-simple cert for $8/yr) JUST to get rid of the errors. You can then enforce redirection to the non-SSL version of your site and all is well!
am-rails
Updated on June 04, 2022Comments
-
am-rails almost 2 years
I created a site and put it on Heroku. I then added a custom domain (e.g. "site.example.com") in the Heroku control panel and I pointed the DNS to my Heroku address. This works fine, but when I visit the site, I get a big browser warning, saying the certificate is for herokuapp.com, not for "site.example.com". How do I turn off HTTPS or fix it in some other way? (I don't need my own SSL certificate for the site.)
Note: It's not Heroku's fault if your app is forcing people onto SSL. Check
production.rb
to make sure it doesn't say:config.force_ssl = true
If it does, change it to false:
config.force_ssl = false
-
Photonic over 8 yearsThat wont work on Chrome, as heruko will just force it back to https
-
omeganebula over 8 years@Photonic: I have tried using it in my heroku app and it did work. Checked with Chromium 45 on a linux machine.
-
Jagger over 7 yearsThis does not work. I am using Firefox and Heroku seems to fall back each time to https and there is an infinite loop coming from such an implementation of
onload
event.