Deploying Streamlit using Heroku (or Any other cloud service) on a Website built using Wix - SSL certificate

Show the Community!
#1

Hi All,

I made a dashboard app using ST (which is a huge achievement given that I didn’t know python coding before this!). It was easy to deploy it to Heroku. However, I can only share it on our website (created using Wix) in not-secure format. It seems like Heroku cannot assign an SSL certificate to this webapp if the page is hosted using Wix. Wix does not allow changing DNS, which might be the reason.

Given that having an https webapp is important to me, I have 2 questions:

  1. Is there a way to solve this problem? I believe I will face the same issue if I use AWS, GSP, or other cloud based services for deploying my app.
  2. Does “streamlit sharing” solve this problem or I will still have the same issue?
#2

Hi @aezzati, welcome to the Streamlit community!

I’m not exactly sure I understand the deployment here. You have a Streamlit app deployed on Heroku…does this have an SSL certificate when you go to its URL?

Where does Wix come in? Are you loading the Heroku app in an iframe?

By default, Streamlit sharing apps have an SSL certificate, so in some ways the answer is ‘yes’. But I’d need to understand your deployment more to give a definitive answer.

Best,
Randy

#3

Hi Randy, Thank you for your response.

I did more research and -I think- figured out what is the probable source of problem:

  1. If I embed streamlit in a heroku app and then add it to my Wix-built website in an iframe, the app will be in with SSL & in https format.
  2. If I embed streamlit in a heroku app and then add it to my Wix-built website as a link to a new page by a adding the CNAME (Aliases) of Heroku app to the Wix domains, the new page will be in http format. Buying a new SSL certificate on Heroku does not solve this issue.

I understand that this might be a problem of handling SSL certificates by Wix (or heroku?). So my question in previous post refers to he issue in point 2 above (linking app through CNAME/domain) and if using “streamlit sharing” can solve it.

Thank you,
Ali

#4

Unfortunately, I’m not an expert in the security of embedded pages, but I suspect that Streamlit sharing wouldn’t be different than Heroku in this regard. Let me try to find someone internally who can give a better answer.