MIYASHITA kensuke
2006-Jul-01 05:08 UTC
[Rails] how can i set the default protocol of WEBrick to https?
On my server, stunnel is running to accept HTTPS (port 443) connection from clients and redirect them to localhost:80. And on port 80 of my server, WEBrick is running to accept HTTP connection. In such situation, WEBrick generates URLs beginning with ''http://'', not with ''https://''. So one can access to ''https://myserver/'', but when he click on any hyperlinks on this page, he access via http to my server. How can I make WEBrick to generate URLs with ''https://'' always?
Chris Carter
2006-Jul-01 15:22 UTC
[Rails] Re: how can i set the default protocol of WEBrick to https?
I would suggest setting up a production style server (mongrel, lightTPD, apache). WEBrick shouldn''t be run in production, and has little support for anything besides plain old http. -- Posted via http://www.ruby-forum.com/.
MIYASHITA kensuke
2006-Jul-01 19:37 UTC
[Rails] Re: how can i set the default protocol of WEBrick to https?
On Sat, 1 Jul 2006 17:22:05 +0200, Chris Carter <cdcarter@gmail.com> said:> I would suggest setting up a production style server (mongrel, lightTPD, > apache). WEBrick shouldn''t be run in production, and has little support > for anything besides plain old http.I''m planning to set up Apache + mod_ssl in production, but I want to simply check my server using WEBrick for now in development. I''ll try to set up a production server. Thanks for your suggestion.
snacktime
2006-Jul-01 21:14 UTC
[Rails] Re: how can i set the default protocol of WEBrick to https?
On 7/1/06, MIYASHITA kensuke <miyasita@cs.kyoto-wu.ac.jp> wrote:> On Sat, 1 Jul 2006 17:22:05 +0200, > Chris Carter <cdcarter@gmail.com> said: > > I would suggest setting up a production style server (mongrel, lightTPD, > > apache). WEBrick shouldn''t be run in production, and has little support > > for anything besides plain old http. > > I''m planning to set up Apache + mod_ssl in production, but I want to > simply check my server using WEBrick for now in development. > > I''ll try to set up a production server. Thanks for your suggestion.Lighttpd is the easiest to configure for ssl. Just change the port to 443 and add the following after the port configuration: ssl.engine = "enable" ssl.ca-file = "ca.pem" ssl.pemfile = "ssl.pem" Put your key and certificate in ssl.pem. You probably won''t need ca.pem, especially if you are using a self signed cert.
Paul Wright
2006-Jul-02 16:47 UTC
[Rails] how can i set the default protocol of WEBrick to https?
On 01/07/06, MIYASHITA kensuke <miyasita@cs.kyoto-wu.ac.jp> wrote:> On my server, stunnel is running to accept HTTPS (port 443) connection > from clients and redirect them to localhost:80. And on port 80 of my > server, WEBrick is running to accept HTTP connection. > In such situation, WEBrick generates URLs beginning with ''http://'', > not with ''https://''. So one can access to ''https://myserver/'', but > when he click on any hyperlinks on this page, he access via http to > my server. > > How can I make WEBrick to generate URLs with ''https://'' always?If rails sees a header such as this then it will generate https urls with link_to, url_for and the like: HTTP_X_FORWARDED_PROTO With a apache fronted mongrel cluster I use the following directive to let rails know: RequestHeader set X_FORWARDED_PROTO ''https'' I would imagine if you want to get WEBrick to always use https there''s probably a way to do it in your environment.rb. The two things that are checked are: def ssl? @env[''HTTPS''] == ''on'' || @env[''HTTP_X_FORWARDED_PROTO''] == ''https'' end So if you can somehow set those in an application-wide before filter you might get away with it. Paul. [1] http://duncandavidson.com/essay/2006/01/railsReverseProxyWithSsl
MIYASHITA kensuke
2006-Jul-06 02:32 UTC
[Rails] Re: how can i set the default protocol of WEBrick to https?
Sorry for long delays, On Sat, 1 Jul 2006 14:14:14 -0700, snacktime <snacktime@gmail.com> said:> On 7/1/06, MIYASHITA kensuke <miyasita@cs.kyoto-wu.ac.jp> wrote: > > On Sat, 1 Jul 2006 17:22:05 +0200, > > Chris Carter <cdcarter@gmail.com> said: > > > I would suggest setting up a production style server (mongrel, lightTPD, > > > apache). WEBrick shouldn''t be run in production, and has little support > > > for anything besides plain old http. > > > > I''m planning to set up Apache + mod_ssl in production, but I want to > > simply check my server using WEBrick for now in development. > > > > I''ll try to set up a production server. Thanks for your suggestion. > > Lighttpd is the easiest to configure for ssl. Just change the port to > 443 and add the following after the port configuration: > > ssl.engine = "enable" > ssl.ca-file = "ca.pem" > ssl.pemfile = "ssl.pem" > > Put your key and certificate in ssl.pem. You probably won''t need > ca.pem, especially if you are using a self signed cert.I have tried to set up ssl-enabled-lighttpd and done. It was much simpler than apache+mod_ssl. Now I can start setting my application accessible via lighttpd. Thanks a lot!