Computing Magazine

How to Use SSL in RAILS

Posted on the 03 March 2014 by Abhishek Somani @somaniabhi
Here are the steps to enable HTTPS in your Rails web app.
Create SSL Certificate to Use HTTPS In Rails ENV (Rails Version > 3.0.0)
 # Self Signed SSL Certificate to Use with rails
  •  Go To Your Project Root Folder 
  •  Type “mkdir .ssl”
  •  Type “openssl req -new -newkey rsa:2048 -sha1 -days 365 -nodes -x509 -keyout .ssl/localhost.key -out .ssl/localhost.crt”   
Command Explanation:

# req --> Create a new Request.
# -x509 --> The result of this will be an X.509 certificate, not a Certificate Signing request.
# -sha1 --> Make sure to use SHA1 as this certificate's hashing algorithm. (newer versions of OpenSSL should default to this)
# -newkey --> create a new key.
# rsa:2048 --> the key will be of type RSA, and will be 2048 bits long
# -nodes --> Don't encrypt the key
Here is sample input for the prompts shown by the command:

Generating a 2048 bit RSA private key
....+++
..................................+++
unable to write 'random state'
writing new private key to '.ssl/localhost.key'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:IN
State or Province Name (full name) [Some-State]:RAJASTHAN
Locality Name (eg, city) []:Bhilwara
Organization Name (eg, company) [Internet Widgits Pty Ltd]:JavaRoots
Organizational Unit Name (eg, section) []:Rails
Common Name (e.g. server FQDN or YOUR name) []:RAILS DEV TEAM
Email Address []:[email protected]
This will create the following files in your SSL folder:
  1. localhost.crt
  2. localhost.key
Now, after creating the SSL files, the following steps are required:
  • Run “echo "127.0.0.1 localhost.ssl" | sudo tee -a /private/etc/hosts”
  • Edit your Gemfile and add gem “thin”
  • Create a new initializer file named ssl_config.rb and add these lines:

    # Reopen Rails' force_ssl so it can be switched on per environment
    # and can redirect to a non-default HTTPS port.
    ActionController::ForceSSL::ClassMethods.module_eval do
      def force_ssl(options = {})
        config = Rails.application.config
        return unless config.use_ssl # <= this is new
        host = options.delete(:host)
        # && (not &) so ssl_port is only read when the setting exists
        port = config.ssl_port if config.respond_to?(:ssl_port) && config.ssl_port.present? # <= this is also new
        before_filter(options) do
          if !request.ssl? # & !Rails.env.development? # commented out the exclusion of the development environment
            redirect_options = {:protocol => 'https://', :status => :moved_permanently}
            redirect_options.merge!(:host => host) if host
            redirect_options.merge!(:port => port) if port # <= this is also new
            redirect_options.merge!(:params => request.query_parameters)
            redirect_to redirect_options
          end
        end
      end
    end
  • Open your config/application.rb and add “config.use_ssl = false”
  • Now edit your environment files:

    development.rb =>
    config.use_ssl = true
    config.ssl_port = 3000
  • Now add “force_ssl” to app/controllers/application_controller.rb at top priority.
  • Now run your server using this command:

    thin start -p 3000 --ssl --ssl-verify --ssl-key-file .ssl/localhost.key --ssl-cert-file .ssl/localhost.crt
Voila! Now your Rails server is configured to use HTTPS! Enjoy coding in Rails.
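Before handing the certificate to thin, it helps to check what the openssl command actually produced. The Ruby script below is an added example, not code from the original article: build_self_signed and audit_cert are hypothetical helper names, and the certificates are constructed in-process to mirror the article's parameters (RSA 2048, X.509, 365 days, -sha1, Common Name "RAILS DEV TEAM", host localhost.ssl) so the check runs offline.

```ruby
require 'openssl'

# Constructed sample input: a self-signed certificate built in-process with the
# same shape as the article's openssl command (RSA key, X.509, 365 days).
# build_self_signed and audit_cert are hypothetical helper names.
def build_self_signed(cn:, digest:, san: nil, bits: 2048, days: 365)
  key  = OpenSSL::PKey::RSA.new(bits)
  cert = OpenSSL::X509::Certificate.new
  cert.version    = 2 # X.509 v3
  cert.serial     = 1
  cert.subject    = OpenSSL::X509::Name.new([['CN', cn]])
  cert.issuer     = cert.subject # self-signed: issuer equals subject
  cert.public_key = key
  cert.not_before = Time.now
  cert.not_after  = cert.not_before + days * 86_400
  if san
    factory = OpenSSL::X509::ExtensionFactory.new(cert, cert)
    cert.add_extension(factory.create_extension('subjectAltName', san))
  end
  cert.sign(key, OpenSSL::Digest.new(digest))
  cert
end

# Returns a list of findings for a certificate that will be served at `host`.
def audit_cert(cert, host:, now: Time.now)
  key = cert.public_key
  findings = []
  findings << :weak_signature_digest if cert.signature_algorithm =~ /md5|sha1/i
  findings << :short_rsa_key if key.is_a?(OpenSSL::PKey::RSA) && key.n.num_bits < 2048
  findings << :outside_validity unless (cert.not_before..cert.not_after).cover?(now)
  findings << :self_signed if cert.subject.to_s == cert.issuer.to_s && cert.verify(key)
  # Name check: subjectAltName entries first, Common Name only as a fallback.
  findings << :name_mismatch unless OpenSSL::SSL.verify_certificate_identity(cert, host)
  findings
end

if __FILE__ == $PROGRAM_NAME
  # Same digest and Common Name as the article's sample input.
  as_in_article = build_self_signed(cn: 'RAILS DEV TEAM', digest: 'SHA1')
  p audit_cert(as_in_article, host: 'localhost.ssl')
  # SHA-256 signature plus a subjectAltName that matches the hosts entry.
  with_san = build_self_signed(cn: 'localhost.ssl', digest: 'SHA256',
                               san: 'DNS:localhost.ssl')
  p audit_cert(with_san, host: 'localhost.ssl')
end
```

To audit the file created earlier, pass OpenSSL::X509::Certificate.new(File.read('.ssl/localhost.crt')) to audit_cert with host: 'localhost.ssl'.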
