Max Krebs

TIL: The Worst Part is the Waiting

Today I learned the most annoyingly valuable lesson of all: Patience…and SSL

There are a few aspects of technology (web technology specifically) that freak me out once I run into them. One of the big ones is DNS1, although I am slowly becoming more comfortable with that.

Another (related) example is SSL. I always knew I needed to put SSL on everything these days, but it seemed expensive/complicated. Luckily, DNSimple (my DNS service of choice) recently announced a beta integration with Let’s Encrypt. Let’s Encrypt SSL certs are less flexible than other SSL options, but the ease of use makes up for that.

Heroku also recently changed the way they handled SSL on the hosting side, so I figured it was time to stop putting it off.

The setup was much easier than I anticipated:

1) Request SSL cert from DNSimple 2) Download said SSL cert to you machine 3) run heroku cert:add <cert path> to add the cert to heroku app 4) Either using DNSimple’s one click set up to Heroku SSL, or by manual entry, configure DNS records to point to the new Heroku SSL endpoint.

After that, its just waiting. And as I found out, the waiting is the most annoying part. Damn propagation. I spent the last hour nervously refreshing my site, worried I did something wrong, and hoping for the terrifying Google Chrome privacy warnings to go away.

Which, as you know, they finally did. Seriously, that was the part of the process with the most friction. There is no excuse to not have SSL on your site. Even a n00b like me can do it with enough patience.


  1. Also: OAuth [return]