SSL Endpoints

Sometimes you'll need your microservice to have a valid SSL certificate. For example, if you consume the microservice directly from the front-end, you'll get "Mixed Content" warning or error if your site is hosted with HTTPS.

Each Dockhero cluster comes with two CloudFlare endpoints configured: one in flexible ssl mode and another in full ssl mode. They have valid SSL certificate installed, so that you don't need to purchase one yourself. Both endpoints are exposed to your Heroku environment:

$ heroku config:get DOCKHERO_FLEXIBLE_SSL_URL
$ heroku config:get DOCKHERO_FULL_SSL_URL

SSL is terminated at the CloudFlare edge server, then the request is sent to Dockhero cluster via http:// or https:// protocol depending on SSL mode (flexible or full).

With Flexible SSL, you don't need to implement SSL in your stack at all.

Flexible SSL

With Full SSL, your stack still needs to talk SSL, but you can use a self-signed certificate. No worries, the users will see a valid CloudFlare's certificate - find more about CloudFlare SSL in this article

Full SSL

If for some reason you prefer SSL termination right within your stack, you can use Let's Encrypt to get a self-renewing certificate. See our HTTP/2 + SSL + QUIC proxy tutorial.

results matching ""

    No results matching ""