Tisamu
1/27/2017 - 12:13 PM

Use SSL With Puma and Rails (For https)

Use SSL With Puma and Rails (For https)

# 1) Create your private key (any password will do, we remove it below)

$ cd ~/.ssh
$ openssl genrsa -des3 -out server.orig.key 2048


# 2) Remove the password

$ openssl rsa -in server.orig.key -out server.key


# 3) Generate the csr (Certificate signing request) (Details are important!)

$ openssl req -new -key server.key -out server.csr

# IMPORTANT
# MUST have localhost.ssl as the common name to keep browsers happy 
# (has to do with non internal domain names ... which sadly can be
# avoided with a domain name with a "." in the middle of it somewhere)

Country Name (2 letter code) [AU]:
...
Common Name: localhost.ssl 
...


# 4) Generate self signed ssl certificate 

$ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

# 5) Finally Add localhost.ssl to your hosts file

$ echo "127.0.0.1 localhost.ssl" | sudo tee -a /private/etc/hosts

# 6) Boot puma
$ puma -b 'ssl://127.0.0.1:3000?key=/Users/tadas/.ssh/server.key&cert=/Users/tadas/.ssh/server.crt'

7) Add server.crt as trusted !!SYSTEM!!
$ sudo cp server.cert /usr/local/share/ca-certificates/
$ sudo update-ca-certificates

# Notes:
# 1) Https traffic and http traffic can't be served from the same process. If you want 
#    both you need to start two instances on different ports.
#
#
require_relative 'boot'

require 'rails/all'

# Require the gems listed in Gemfile, including any gems
# you've limited to :test, :development, or :production.
Bundler.require(*Rails.groups)

module GamdomAnalyser
  class Application < Rails::Application
    # Settings in config/environments/* take precedence over those specified here.
    # Application configuration should go into files in config/initializers
    # -- all .rb files in that directory are automatically loaded.
    config.force_ssl = true # Forcing usage of SSL (For https protocol)
    config.sass.preferred_syntax = :sass
  end
end