Because Heroku doesn't have built-in support for Let's Encrypt, we need to

generate (and renew) the certificate in manual mode. This requires setting up a

special endpoint on the server to serve a secret so that they can verify that

we actually do own the domain that the certificate is being issued for.
So far I've done this by pushing a special build, but that's kind of icky. This

change makes it possible to do the challenge/response by changing environment

variables in the application config.

Used this while renewing the SSL certificate.