I couldn't find a good "how-to", so here's what worked for me. Assumptions:
- Running Apache 2.2 on a CentOS box
- Apache & SSL works just fine for static content
- Rails app works just fine over http
Here's what I did:
- Setup A simple single mongrel configuration using mod_proxy (AKA ProxyPass). This enables me to access my rails app via [http://mydomain.com:8000] and if you have your ProxyPass set up correctly, [http://mydomain.com]. To be explicit, I'll leave the ":8000" in the URL for now.
- Edit vhost.conf or httpd.conf
- make sure HTTPS redirects (RewriteEngine, RewriteCond and RewriteRule) are commented out
- add this:
RequestHeader set X_FORWARDED_PROTO 'https' env=HTTPS
RequestHeader set X_ORIGINAL_PROTOCOL 'https'
- Restart Apache
/etc/init.d/httpd restart - Start mongrel
cd /path/to/application
mongrel_rails
- You can now access your site via:
http://mydomain.com:8000
https://mydomain.com:8000
In order to forward any http requests to https:
- Install the "ssl_required" plugin
ruby script/plugin install ssl_requirement
Be sure to check out the HowToEnableSSL wiki page. - Edit app/controllers/application.rb and add this:
include SslRequirement
def ssl_required?
return true
end
(Click here to find out why this works!)
Now whenever you access
http://mydomain.com:8000
you should be forwarded to the secure URL:
https://mydomain.com:8000
Once that's done, go get a beer, some coffee or goto sleep!!
0 comments:
Post a Comment