Geek Answers Handbook

SSL with Rails 3.1: config.force_ssl = true does not work in development mode

I am running rails 3.1 in development mode on Ubuntu with sqlite. The rails server runs on port 3000, and I have nginx installed for proxy_pass ports 80 and 443 to port 3000. When I put config.force_ssl = true in my Application.rb and restart the rails server, I get an error that looks like this:

  Secure Connection Failed An error occurred during a connection to localhost:3000. SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long) The page you are trying to view can not be shown because the authenticity of the received data could not be verified. Please contact the web site owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.

When I return to config.force_ssl = false and restart the rails server, I still get the error message [2011-12-30 09:48:02] ERROR bad URI 9W\x0Fe h=9 ݔ| # ) /6\x00\x00H\x00 ' . in the rail console. This disappears and everything returns to normal if I also clear my browser cache. But how do I get force_ssl = true to work?

Here is part of my .rb application:

  module Regi class Application < Rails::Application # Settings in config/environments/* take precedence over those specified here. # Application configuration should go into files in config/initializers # -- all .rb files in that directory are automatically loaded. config.generators do |g| g.template_engine :haml end config.force_ssl = true end end

And here is my / etc / nginx / sites -enabled / default:

 server { #listen 80; ## listen for ipv4; this line is default and implied #listen [::]:80 default ipv6only=on; ## listen for ipv6 root /usr/share/nginx/www; index index.html index.htm; # Make site accessible from http://localhost/ server_name localhost; location / { # First attempt to serve request as file, then # as directory, then fall back to index.html proxy_pass http://localhost:3000; try_files $uri $uri/ /index.html; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # #error_page 500 502 503 504 /50x.html; #location = /50x.html { # root /usr/share/nginx/www; #} # pass the PHP s to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { # fastcgi_split_path_info ^(.+\.php)(/.+)$; # # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini # # fastcgi_pass 127.0.0.1:9000; # fastcgi_index index.php; # include fastcgi_params; #} # deny access to .htaccess files, if Apache document root # concurs with nginx one # #location ~ /\.ht { # deny all; #} } # HTTPS server server { listen 443; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; ssl on; ssl_certificate /usr/local/conf/ssl_keys/server.crt; ssl_certificate_key /usr/local/conf/ssl_keys/server.key; location / { proxy_pass http://localhost:3000; proxy_set_header X-Real-IP $remote_addr; # root html; # index index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } }
+7
source share
2 answers

I came across the same error message when I configure the nginx ssl server. This is because I did not have ssl crt and key.And in your nginx configuration file, I noticed that there was crt and key. So, are you sure that crt and key are ok? If you are not sure, you can try the following link to create self_assigned crt. http://devcenter.heroku.com/articles/ssl-certificate-self

ps I want to add this answer as a short comment, but it seems that I did not have this permission.

+2
source

ActionController :: ForceSSL tells it not to redirect it when it is in development mode.

https://github.com/rails/rails/blob/391e6a47dbd46fdce0a472819e8d27792cc91984/actionpack/lib/action_controller/metal/force_ssl.rb#L29

0
source

More articles:


All Articles