Q: How does QuotaGuard handle proxying HTTPS connections? Is it accurate that Quotaguard Static has HTTPS connections to Heroku? If not, that would mean our traffic would be unencrypted between QuotaGuard’s servers and Heroku?

 

A: On Heroku, QuotaGuard Static uses SSL Offloading and QuotaGuard Shield uses SSL Passthrough. See more about those two concepts here : https://avinetworks.com/glossary/ssl-passthrough/

 

For customers that are using QuotaGuard Shield (our more secure solution), then they can bring their own certificates or use Heroku's ACM system. 


Instructions for those situations can be found here : https://devcenter.heroku.com/articles/quotaguardshield

 

For customers that are using QuotaGuard Static, customers can choose to have their SSL certificates loaded into our proxy servers so that we can support HTTPS for them. This is easily configurable in our QuotaGuard dashboard to upload your certificates. 


More can be found here: https://devcenter.heroku.com/articles/quotaguardstatic


If you have questions, or if this solution doesn’t work or fit your use case, please reach out to us at Support so we can help figure it out with you.


Working with sensitive data, like HIPAA, Financial, or Personally Identifiable Information (PII)? 
    Then you will want to check out our QuotaGuard Shield solution, it's the same as QuotaGuard Static, but with stronger end to end security for your requests. We can also help migrate current Static customers to Shield for free, just reach out to us at Support to request assistance.