Automated Certificate Management for apps in Private Spaces
Change effective on 24 May 2018
Heroku Automated Certificate Management (ACM) is now available for apps in Private Spaces. When ACM is enabled on a Heroku app, Heroku will automatically provision and renew certificates for custom domains registered on the app.
To enable ACM on a Private Space app that doesn’t currently have TLS certs, simply enable the feature and wait for the certificate to be provisioned:
$ heroku certs:auto:enable
If you already have manually uploaded TLS certs and want to migrate to ACM, follow the process outlined below.
1. Determine the name of your current manually uploaded certificate
$ heroku certs Name Endpoint Common Name(s) Expires Trusted Type ──────────── ─────────────────────────────────────────────────────── ────────────────────── ──────────────────── ─────── ───────────────── nagano-91606 <haiku>.<haiku>.herokuspace.com <common-name> 2018-08-13 11:05 UTC True Private Space App
2. Enable ACM for your app
$ heroku certs:auto:enable Enabling Automatic Certificate Management... done === Your certificate will now be managed by Heroku. Check the status by running heroku certs:auto.
3. Wait for the cert to be issued
It’s important to wait for this step to complete before proceeding. If you don’t your app might incur downtime.
$ watch heroku certs:auto
4. Remove the old manually added cert
Use the name found in step 1
$ heroku certs:remove --name nagano-91606
See the Automated Certificate Management Dev Center article for details.