Last Updated: February 25, 2016
·
5.633K
· mrlamroger

Custom domain SSL for a small project is not cheap

Although Heroku offer free piggyback SSL (ex. https://[yourDomain].herokuapp.com), SSL for your custom domain (ex. https://[yourDomain].com) costs $20/month.
I've only looked at a few other alternatives but they offer the same if not more expensive options.

A basic trusted SSL cert goes for ~$10/year, which is okay.

Adding SSL was a good experience but I will most likely drop it after the first month and redirect the sign up and sign in to the free piggyback version.

Does anyone know the drawbacks to this?

4 Responses
Add your response

Hey did you ever get an answer to this? I am very curious as well.
Thanks man!

over 1 year ago ·

Unfortunately, no.
My best guess is by letting Heroku take care of SSL, you dont have to worry about flaws in your own implementation but are relying on Heroku to provide sufficient security.
Not much evidence behind my opinion. Let me know if you find reasons too!

over 1 year ago ·

Just faced the same decision, and ended up going with the piggyback SSL. You kind of are answering your own question - if its for a small project, its not worth the cost and the drawback of your users seeing the heroku URL for one or two secure pages is not a deal breaker.

If its a big project...it should be worth the cost.

over 1 year ago ·

StartSSL has a free tier, give that a try: https://www.startssl.com/?app=1 #protip

over 1 year ago ·