How do I make my nginx proxy connect to a Heroku app behind Heroku SSL?

Issue

You want to have an Nginx proxy connect to a Heroku app behind Heroku SSL but it keeps reporting errors like error:14094438:SSL routines:SSL3_READ_BYTES:tlsv1 alert internal error:s3_pkt.c:1262:SSL alert number 80 during the SSL handshake. This applies to the SNI certs used in Private Spaces apps also.

Resolution

Heroku SSL uses Server Name Indication (SNI). Configure nginx with specifying proxy_ssl_server_name on and proxy_ssl_name with the custom domain name assigned for the SSL server certificate on the Heroku SSL endpoint.

For those using the Fastly addon service, under the config for your backend you will need to set the ssl_sni_hostname to the custom domain name assigned for the SSL server certificate on the Heroku SSL endpoint.