On Dec 10, 11:06 pm, Morten Bagai <[email protected]> wrote: > Yeah, I didn't catch the multi-domain part.
Well, wildcard is still interesting for me. I could replace *.heroku.com with my own wildcard as a piggyback. I'd prefer to serve sites admin/user panels of my clients from my own domain. > Theoretically it might be possible. I don't think we have ever seen a > multi-domain cert in the > wild at Heroku. Actually I already tried this with two dummy apps and a multi-domain certificate taken from production site - worked like a charm. Will show you the apps once they are migrated (if I remember of course). > Also, the solution we have in place now isn't designed > for this in a couple of ways: > > 1) You would have to redeploy the cert every time it changed > 2) With multiple busy apps, you might max out the resources of the SSL > routing instance Good points. As for the resources, such a feature would be useful mostly for smaller sites. > > On Dec 10, 2:01 pm, Wojciech Kruszewski <[email protected]> wrote: > > > Yes I believe it would be possible. > > > You could even create a service that would to the pooling: "I'll add > > your domain to my multi-domain certificate for a yearly fee". > > <emphasis>Theoretically</emphasis> this business model should work... > > although I'd much prefer Heroku coming up with their solution. > > > Do you know is it easy to add new domains to existing multi-domain > > certificates? > > > Regards, > > Wojciech > > > --http://twitter.com/WojciechK > > > On Dec 10, 10:44 pm, Doug Petkanics <[email protected]> wrote: > > > > If I am following your approach correctly, then I believe it would be > > > possible for multiple Heroku users to "cooperate" on a single custom SSL > > > addon using the following steps. > > > > 1. Alice and Bob agree to cooperate and split the costs between one > > > another > > > outside of the scope of Heroku's billing. > > > 2. Alice buys a multi domain SSL cert covering her domain and Bob's > > > domain. > > > Alice also buys the custom SSL addon, and applies the certificate to her > > > app. > > > 3. Alice and Bob edit their domain's DNS settings to point to the > > > dedicated > > > IP. > > > 4. Bob enables piggyback ssl on his app, and gets the benefit of Alice's > > > custom ssl addon. The multi-domain cert they bought includes both their > > > domains. > > > > Heroku guys, if this approach would work, would you take issue with some > > > users pooling together to reduce the cost? I don't ask in the spirit of > > > taking advantage of your platform, but instead ask because the current > > > price > > > of custom SSL is prohibitive from running smaller apps on the service > > > right > > > now. > > > > Thoughts? > > > > On Thu, Dec 10, 2009 at 12:00 PM, Wojciech Kruszewski > > > <[email protected]>wrote: > > > > > In fact this is possible with their current environment: > > > >http://wojciech.oxos.pl/post/277669886/save-on-herokus-custom-ssl-addons > > > > > On Dec 9, 7:58 pm, Wojciech Kruszewski <[email protected]> wrote: > > > > > This is theoretically possible with their architecture, but they are > > > > > currently reviewing how easy it would be to implement it and if it's > > > > > worth the trouble. > > > > > > I created a public feature request: > > > >http://support.heroku.com/forums/42310/entries/87156 > > > > > - would you care to add your vote? > > > > > > Cheers, > > > > > Wojciech > > > > > > On Dec 8, 11:47 pm, Chris Hanks <[email protected]> wrote: > > > > > > > Wojciech, if you ask support about that and get some good news, > > > > > > would > > > > > > you report back? I'm curious about this too. > > > > > > > Thanks! > > > > > > > Chris > > > > > > > On Dec 8, 2:05 pm, Oren Teich <[email protected]> wrote: > > > > > > > > I don't know if that's possible or not it's probably a function of > > > > the > > > > > > > SSL protocol and our routing mesh, but it's beyond my technical > > > > > > > knowledge. Best bet is to drop support@ a line, and see what they > > > > > > > say. They'll be able to dig into the details for you. > > > > > > > > Oren > > > > > > > > On Tue, Dec 8, 2009 at 12:42 PM, Wojciech Kruszewski < > > > > [email protected]> wrote: > > > > > > > > Thanks Oren, this makes sense. > > > > > > > > > So can that one mostly idle server handle SSL requests for > > > > > > > > multiple > > > > > > > > applications? > > > > > > > > > I mean I tried Heroku and was very happy with the experience - > > > > looks > > > > > > > > like it needs little to no maintenance on my part. I'd wish to > > > > > > > > host > > > > a > > > > > > > > handful smaller web apps, each with 1-3 dynos. > > > > > > > > > I could live with piggyback ssl, if it was my own wildcard > > > > > > > > certificate. > > > > > > > > > - Wojciech > > > > > > > > > On Dec 8, 8:58 pm, Oren Teich <[email protected]> wrote: > > > > > > > >> They are totally independent. The way our architecture works, > > > > dynos > > > > > > > >> run on machines called railguns, which are specially set up for > > > > the > > > > > > > >> job. We have to setup a special (and yes, mostly idle) server > > > > just to > > > > > > > >> handle the SSL requests. It's not possible with the product we > > > > have > > > > > > > >> today to run dynos on that server. > > > > > > > > >> Oren > > > > > > > > >> On Tue, Dec 8, 2009 at 7:48 AM, Wojciech Kruszewski < > > > > [email protected]> wrote: > > > > > > > >> > Hi, > > > > > > > > >> > I've read your explanation about why you charge $100/mo for > > > > custom SSL > > > > > > > >> > (http://docs.heroku.com/ssl#faq). You need exclusive IP, > > > > > > > >> > Amazon > > > > > > > >> > assigns only one IP for an instance, so you need to reserve > > > > > > > >> > full > > > > > > > >> > instance just to use one SSL cert - seems fair. > > > > > > > > >> > Ok, but if you reserve full EC2 instance just for me... then > > > > > > > >> > why > > > > do I > > > > > > > >> > have to pay for extra dynos? Aren't you double-billing for > > > > > > > >> > this > > > > > > > >> > instance? > > > > > > > > >> > I believe it's "just against your architecture" but still I'd > > > > like to > > > > > > > >> > know the explanation. > > > > > > > > >> > Regards, > > > > > > > >> > Wojciech > > > > > > > > >> > -- > > > > > > > >> >http://twitter.com/WojciechKhttp://oxos.pl-RubyonRailsdevelopment > > > > > > > > >> > -- > > > > > > > > >> > You received this message because you are subscribed to the > > > > Google Groups "Heroku" group. > > > > > > > >> > To post to this group, send email to [email protected]. > > > > > > > >> > To unsubscribe from this group, send email to > > > > [email protected]<heroku%[email protected]> > > > > . > > > > > > > >> > For more options, visit this group athttp:// > > > > groups.google.com/group/heroku?hl=en. > > > > > > > > > -- > > > > > > > > > You received this message because you are subscribed to the > > > > > > > > Google > > > > Groups "Heroku" group. > > > > > > > > To post to this group, send email to [email protected]. > > > > > > > > To unsubscribe from this group, send email to > > > > [email protected]<heroku%[email protected]> > > > > . > > > > > > > > For more options, visit this group athttp:// > > > > groups.google.com/group/heroku?hl=en. > > > > > -- > > > > > You received this message because you are subscribed to the Google > > > > Groups > > > > "Heroku" group. > > > > To post to this group, send email to [email protected]. > > > > To unsubscribe from this group, send email to > > > > [email protected]<heroku%[email protected]> > > > > . > > > > For more options, visit this group at > > > >http://groups.google.com/group/heroku?hl=en. -- You received this message because you are subscribed to the Google Groups "Heroku" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/heroku?hl=en.
