Let’s encrypt (il buono), rails (il brutto) and heroku (il cattivo)

Il buono

This article is just paraphrasing this one with a bit more accuracy, corrections and cynicism.


First step: Update your rails code on heroku

The route /.well-known/acme-challenge/KEY  should be added to your config/routes.rb  file like so

get '/.well-known/acme-challenge/:id' => 'CONTROLLER#letsencrypt'

where CONTROLLER  is the controller of your choice, in which the method should look like this

and don’t forget to make it “public”, so if you are using cancancan the following line is required on top of your controller file

Push it on heroku

and wait for it be deployed.


Second step: Install require software and generate the key

On ubuntu you can install letsencrypt  command like this

The run the command with root privileges

follow the instructions and when it asks you to verify that the given URL is reachable, don’t presse ENTER but follow third step instead.


Third step: Update Heroku variables

Go on Heroku console, in settings>Reveal config vars and add LETSENCRYPT_KEY  and LETSENCRYPT_CHALLENGE  keys with their corresponding values from letsencrypt  command, a step before.

Restart Heroku within UI or with the following command where YOUR_APP_NAME  is… your app name.

It would be a good idea to try the URL from your browser before coninuing.


Fourth step: Verify the challenge and push certificate to Heroku

If your SSL endpoint is not yet setup on Heroku, take the time and money to do it

Then you will be able to push the certificate to your Heroku instance.

If it’s a certificate update, replace the certs:add  by certs:update  and your are good.


Fifth and last step: Behold!

Give yourself some time for a walk and think about the beauty of living, yet still away from the coming technological singularity.