Testing HTTPS with badssl.com
Website that offers lots of different kinds of HTTPS configurations, bad or good or complicated.
They also offer a dashboard Show archive.org snapshot to check if your browser's HTTPS handling works as expected (which might be compromised e.g. due to security products or enterprise proxy servers).
Related cards:
RestClient / Net::HTTP: How to communicate with self-signed or misconfigured HTTPS endpoints
Occasionally, you have to talk to APIs via HTTPS that use a custom certificate or a misconfigured certificate chain (like missing an intermediate certificate).
Using RestClient will then raise RestClient::SSLCertificateNotVerified
errors, or wh...
Working around OpenSSL::SSL::SSLErrors
If your requests blow up in Ruby or CURL, the server you're connecting to might only support requests with older SSL/TLS versions.
You might get an error like: OpenSSL::SSL::SSLError: SSL_connect SYSCALL returned=5 errno=0 state=unknown state
...
Ruby: How to connect to a host with expired SSL certificate
If you need to make an HTTPS connection to a host which uses an expired certificate, do not disable certificate verifications entirely. Doing that enables e.g. man in the middle attacks.
If you accept only a single expired and known certifica...
Marry Capybara with SSL-enabled applications
Capybara does not play nice with sites that have some actions protected by SSL, some not. A popular way to implement this in Rails is using the ssl_requirement plugin by DHH, which redirects a...
How to enable SSL in development with Passenger standalone
Here is how to start your Rails application to accept both HTTP and HTTPS in development.
-
gem install passenger
-
Create a [self-signed SSL certificate](https://makandracards.com/makandra/15901-howto-create-a-self-signed-certificate...
Local development with SSL and Puma
Sometimes the need arises for SSL in local development. We have guides for different webservers, this one is for puma.
- make sure [mkcert is installed](/makandra/15901-howto-create-...
Using Thin for development (with SSL)
Note: These instructions are for a quick per-project setup and may require you to change code. If you generally need SSL for development, you probably want to use [Passenger](https://makandracards.com/makandra/549-using-passenger-for-developme...
Using Passenger for development (with optional SSL)
- install apache
sudo apt-get install ruby1.8-dev
sudo gem install passenger
sudo passenger-install-apache2-module
- follow the instructions
Manually: configure a vhost in /etc/apache2/sites-available
and link it to `/etc/apache2/s...
Dealing with I18n::InvalidPluralizationData errors
When localizing model attributes via I18n you may run into errors like this:
I18n::InvalidPluralizationData: translation data { ... } can not be used with :count => 1. key 'one' is missing.
They seem to appear out of the blue and the ...
Apache: SSL with Virtual Hosts Using SNI
With SNI, you can have many virtual hosts with HTTPS sharing the same IP address and port, and each one can have its own unique certificate. SNI is supported by all major browsers except Internet Explorer on XP, Safari on XP, wget, Android and Java.