Thanks, James, I'll try this. I thought it should be that simple, but the catch is forwarding all traffic to port 443 before Rails sees the request.
Cheers, Chris On Dec 17, 1:08 pm, James Miller <[email protected]> wrote: > Did you setup a VirtualHost running on port 443 as well as port 80? You > need both -- the SSL VirtualHost will need to be IP based, have a valid > cert/private key, and have SSL enabled. For the non-SSL virtualhost, point > it to an empty directory (not to your rails app) and add a .htaccess that > redirects all traffic to the HTTPS URL. That way your Rails app will never > receive a request that's not HTTPS. You shouldn't need a plugin for what > you're doing, as Rails won't need to know about the protocol. > > Example: > > <VirtualHost 1.2.3.4:443> > ServerNamewww.example.com > DocumentRoot /home/user/apps/app-production/current/public > <Directory "/home/user/apps/app-production/current/public"> > Options FollowSymLinks > AllowOverride None > Order allow,deny > Allow from all > </Directory> > > SSLEngine on > SSLCipherSuite > ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL > SSLCertificateFile /home/user/ssl/www.example.com/www.example.com.crt > SSLCertificateKeyFile /home/user/ssl/www.example.com/www.example.com.key > </VirtualHost> > > James > > On Thu, Dec 17, 2009 at 1:00 PM, Chris McCann <[email protected]> wrote: > > I've got a client who wants me to run their Ruby on Rails site using > > https all the time because of the type of information they're > > processing with the application. I'm having trouble getting Rails to > > use the https protocol. I've deployed to Apache2 with Passenger. > > > I thought it would be a simple matter of getting an SSL certificate > > and configuring the web server to use it. I added the > > X_FORWARDED_PROTO "https" line to the virtual host but that didn't do > > the trick. > > > I know of DHH's ssl_requirement plugin, but I don't really need the > > granularity of running particular controller actions under https -- I > > want everything in https all the time. > > > I did find post on another group that mentioned adding a re-write rule > > for the *:80 vhost like this: > > > RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=permanent] > > > Is this required? Can anybody here point out what part of the > > configuration, either in Apache, Passenger or Rails, that I've > > overlooked? > > > Thanks, > > > Chris > > > -- > > SD Ruby mailing list > > [email protected] > >http://groups.google.com/group/sdruby > > -- SD Ruby mailing list [email protected] http://groups.google.com/group/sdruby
