3

Heroku email from today:

When an app is migrated to the new infrastructure, its default appname.herokuapp.com, DNS records, and any haiku.herokudns.com custom domain records are modified to point to the IP addresses of the new routing infrastructure. For a period of 24-48 hours, the app is accessible via both the new and old routing infrastructure. When the migration completes, the app will no longer be accessible via the old routing infrastructure and all traffic must flow via the new infrastructure. Requests for an app sent to the old infrastructure will result in error code: H31 Misdirected Request.

To get correct and future-proof DNS targets for custom domains associated with your Heroku apps, you can run heroku domains and compare the DNS target in the output to the CNAME target that you’ve configured with your DNS provider. If the DNS targets don’t match, you need to update your DNS configuration to point to the DNS targets provided by Heroku.

I’ve done the above. This then breaks the workaround to get free SSL from cloudflare to work with Heroku (because of the move away from *herokuapp.com, which allowed the workaround). So, now one has to upload a cloudflare certificate by using Heroku SSL (which one can only use on paid dynos)

Rest of the email:

If you have any SSL Endpoints associated to your app, you can verify the DNS by following this step from the SSL Endpoint setup documentation. Please note that the SSL Endpoint add-on is deprecated and will be removed starting July 31, 2021. All existing and new Heroku applications should use Heroku SSL, which includes Automated Certificate Management (ACM).

Anyone with a workaround to enable the use of cloudflare SSL in a free Heroku dynos setup?

Pat
  • 443
  • 6
  • 13
  • What error did you get when you set it up the way they asked? – Ked Mardemootoo May 31 '21 at 04:21
  • 1
    @Ked Mardemootoo, when you get to the point of uploading the certificate to Heroku you get a message saying you can only use Heroku SSL (the only way to upload a certificate) with paid dynos. So that is where this flow breaks. You either have paid dynos or can't use free cloudflare SSL on custom domains in heroku. Sadly, a bunch of hobby apps will go down in July because of this. – Pat Jun 01 '21 at 09:07
  • 1
    @Pat would you mind me asking what steps you're taking to migrate? The reason I asked is that I received this email, too, and had setup Cloudflare <> Heroku with a free Cloudflare SSL certificate ages ago. – Matt Jul 13 '21 at 12:20
  • @Matt haven't taken the time to migrate away from Heroku + Cloudflare yet. And I have a substantial amount of side projects using that setup. Opened tickets with Cloudflare to find a workaround and saw a few messages on this in their forum. Still no solution, nor acknowledgement of the issue. It will be hobby apps doomsday end of this month. Please share should you find a workaround. – Pat Jul 14 '21 at 13:19
  • @Pat will do. I've also opened a ticket with Heroku to get more clarity on how my apps are affected, more specifically. Let's keep in touch if we learn anything. – Matt Jul 14 '21 at 16:33

0 Answers0