SSL / HTTPS / TLS Certificate Settings
All sites are automatically issued a new SSL/TLS certificate as part of their setup. This encrypts communications between clients and the site via HTTPS.
We default to TLS version 1.3 (latest) and set of secure cipher suites
selected specifically to work with Heroku and provide optimum speed and
security.
TLS 1.3 is a common requirement for GDPR, HIPPA, CCPA and PCI compliance
regulations.