I’m currently building a website with Ruby on Rails that requires SSL to secure a few web pages such as the login page while leaving the rest of the site SSL free. It took me a few hours to figure it out and the information on this subject is somewhat sparse. I thought I’d write down the information in case someone needs it.
I’m using WEBrick for my development work because it’s quick and easy. Normally, WEBrick isn’t in ssl mode and it wasn’t obvious to me as to how to run an ssl version of it. After looking around, I found the script mentioned in this mailing list. Simply save the script as server_ssl in the script directory of your RoR project and then:
chmod +x script/server_ssl
Be sure to change the ‘ip’ in the script.
SSL requires the use of a server certificate. The logical question is then how does one create and install a server certificate? Normally, you would purchase a certificate from a Certificate Authority or create one by using a tool like openssl(see HTTPS Configuration in the Ubuntu Server Guide). However, it seems the server_ssl script tells WEBrick to create a server certificate on-the-fly and so there is no need to create and install a certificate. One side effect is that Firefox will warn you the certificate is not authentic. Another side effect is that if you stop and restart WEBrick without restarting Firefox, Firefox will tell you the certificate has the same serial number as another certificate and will simply refuse to use the certificate. If that happens, just restart Firefox. These are inconveniences but are ok while you’re still in the development phase.
The trick to have both ssl and non-ssl webpages running on your site is to have two copies of WEBrick running, one running SSL and one running regular HTTP. Each needs to run on its respective standard port(ssl – port 443, non-ssl – port 80). So edit your server_ssl to change the port to 443. You also need to make sure there isn’t another webserver running on port 80 and so stop Apache or IIS on the box if you need to.
Now, run the WEBrick’s:
sudo ruby script/server --port=80
In another terminal, run an ssl’ed WEBrick:
sudo ruby script/server_ssl
That’s pretty much it! To make it easier to ensure certain web pages on your site use SSL, you might want to check out the excellent ssl_requirement plugin from 37Signals.
Update: the result of this work is now live at UberSquare.com.
Works as advertised. Thanks for posting!
I love your site!
Experiencing a slow PC recently? Fix it now!
Pingback: Webrick serving Rails 2.3.x over SSL | Ryan Stawarz
Can I use WebRick without Rails?
Pingback: Webrick serving Rails 2.3.x over SSL « « Ryan Stawarz Ryan Stawarz
I’m amazed, I have to admit. Rarely do I come across a blog that’s both equally educative and engaging, and without a doubt, you’ve hit the nail on the head. The problem is something that not enough folks are speaking intelligently about. Now i’m very happy that I found this during my hunt for something concerning this.
Rather, it seeks to limit the consumption of physicians weight
loss centersynutrition diet. Safety inspections conjointly enable the
occupational physicians weight loss centers and
safety of the workers. Telemedicine, although the odds are in favor of neonatal circumcision weren’t strong enough to recommend it as a routine procedure. I hope Howard Dean is reading, because I believe with a better understanding of the answer to your question, what should my cholesterol is so important. If you want to embark on this change and go ahead and be committed to the change no matter how busy are.
Way cool! Some extremely valid points! I appreciate you penning this post plus the rest of the website is
My personal blogging site about modern technology: aging face cream trials (packwacker.com)
Appreciation to my father who stated to me concerning this
website, this weblog is truly amazing.
After exploring a number of the blog articles on your blog, I truly like your technique of
blogging. I saved it to my bookmark website list and will be checking back soon. Please visit my website
as well and let me know what you think.