Heroku and the url scheme for host in production

neuone · January 18, 2020, 8:14pm

I have a domain name with Hover. For example (“example.com”) and I configured it with my Heroku app. Heroku also generated the SSL certificate which is nice. So everything is working fine.

Question
Now that my domain name is pointing to my heroku app, should I be modifying my prod.ex to reflect my domain name as the host or leave it as the original “foo-yoyo-49678.herokuapp.com”?

BEFORE

# prod.ex
config :app, AppWeb.Endpoint,
  load_from_system_env: true,
  url: [scheme: "https", host: "foo-yoyo-49678.herokuapp.com", port: 443], 
  force_ssl: [rewrite_on: [:x_forwarded_proto]],
  cache_static_manifest: "priv/static/cache_manifest.json",
  secret_key_base: Map.fetch!(System.get_env(), "SECRET_KEY_BASE")
  config :logger, level: :info

# Configure your database
config : app, App.Repo,
  adapter: Ecto.Adapters.Postgres,
  url: System.get_env("HEROKU_DATABASE_URL"),
  pool_size: String.to_integer(System.get_env("POOL_SIZE") || "10"),
  ssl: true

AFTER
Should I be changing and updating the url: with the host as "foo-yoyo-49678.herokuapp.com’ to my domain name example.com.

If YES, do I do it with the www or without the www?

url: [scheme: "https", host: "www.example.com", port: 443]
# OR with the www
url: [scheme: "https", host: "example.com", port: 443]

Any feedback or insight would be appreciated

NobbZ · January 18, 2020, 8:17pm

The :url/:host key should point to the URL that you want to use when generating links.

So, when you have a link, do you want it to be example.herokuapp.com or do you want it to be example.com?

neuone · January 18, 2020, 8:34pm

I would like all the links to be “www.example.com”. But I’m guessing from your feedback I don’t need to provide the www. So I will change it to.

url: [scheme: "https", host: "example.com", port: 443]

Updated
OK, so I changed it. But I found that I’m NOT getting the SSL secure lock icon anymore. It’s now an Info icon or Not secure. Read here about Info icon

Would that have anything to do with recent change or is that something else?

NobbZ · January 18, 2020, 8:42pm

Well, the certificate you use, is it for example.com or for example.herokuapp.com?

If its only for the heroku domain, you need to get one for example.com on your own. Perhaps you can integrate letsencrypt into your application on heroku?

neuone · January 18, 2020, 8:57pm

Heroku issues free SSL certificate when you are a paid customer. I followed the steps and I believe it’s setup correctly.

So if I run curl -kvI https://www.example.com

*  HTTP 1.1 200 OK
*  SSL certificate verify ok.
*  Connected to www.example.com (52.54.789.232) port 443 (#0)

Now the problem.
If I run curl -kvI www.example.com without the https:/

* HTTP/1.1 301 Moved Permanently
* Connected to www.example.com (3.123.332.123) port 80 (#0)
* Location: https://example.herokuapp.com/

Ok. I need to retrace my steps with this whole SSL certificates and Heroku.

Thanks for the feedback on the original question.

I thought the whole url: [scheme: "https", host: "example.herokuapp.com", port: 443] maybe has something to do with it. But if it’s just tied to link generation then that’s the feedback.

neuone · January 18, 2020, 9:24pm

I figured out the issue in regards to SSL. Th SSL certificate is fine. The issue is my app.

My app contains URLs of photos from outside the site. Some photos are referencing from a http:// url. As a result Chrome browser is not happy.

Use the chrome console > security. Reload the page and you will see why it’s complaining.

Leaving this comment for future self and others. Thanks.