Redirecting from http://example.com to https://example.mysite.com

This question was asked in different permutations, but I did not find the right combination that answers my specific question.

Configuration

• Rails 3.1 (allows me to use force_ssl in my ApplicationController )
• Hosted on Geroku cedars (so I can’t touch middleware)
• My SSL certificates are registered for secure.example.com

I already added force_ssl to my ApplicationController, for example:

 # file: controllers/application_controller.rb class ApplicationController < ActionController::Base protect_from_forgery force_ssl end 

Problem

Currently, if the user goes to http://example.com , force_ssl is switching to SSL, but since he is NOT secure.example.com , he is warning about an unverified security certificate, because he uses the default certificate of Heroku.

(I checked that the transition to http://secure.example.com is redirected correctly to https://secure.example.com and uses the correct security certificate. This is good.)

Question

How to make http://www.example.com/anything and http://example.com/anything redirect to http://secure.example.com/anything ? (I assume that force_ssl will handle the transition from http to https.) Since I cannot touch the middleware (remember that this is Heroku hosting), I assume I can do something like:

 # file: controllers/application_controller.rb class ApplicationController < ActionController::Base protect_from_forgery force_ssl before_filter :force_secure_subdomain private def force_secure_subdomain redirect_to(something...) unless request.ssl? end end 

... but I did not get enough grokked redirect_to and the request object to know what to write for something... (I want to be sure that it processes the request parameters, etc.)