How is HTTPS handled in Crowdbotics apps by default? Does it use heroku ssl-endpoint under the hood, or heroku Automated Certificate Management? cc @paul.poladstranspare
Crowdbotics apps use Automated Certificate Management.
However, for high-traffic applications in production, we recommend that you consider using Cloudflare, which is also supported and can also provide certificates.
we have a custom domain hosted on a registrar outside heroku. How do we get a HTTPS cert for that custom domain served from the crowdbotics app? AFAIK heroku ACM uses lets encrypt, so I’ll just need to add the DNS records let’s encrypt requires for verification, correct?
In general, you shouldn’t need to take any certificate-level steps here beyond connecting your domain via Crowdbotics in the app settings. If you’ve already linked your custom domain in Crowdbotics via the app settings page, it’ll provision a certificate for you and assign it to the domain.
The final step will be to point the CNAME on your domain registrar to point to the correct secure destination. When you go through the app settings page to connect your domain, you should get a CNAME record given back with the right contents that you can add to your DNS.
If you’ve run through these steps already, and are seeing something other than a secured domain with a certificate already attached, let me know and I can walk you through what to do next.