Using Thin for development (with SSL)
Note: These instructions are for a quick per-project setup and may require you to change code. If you generally need SSL for development, you probably want to use Passenger.
Create a directory
.sslin your home directory. Go there and create a self-signed certificate. It is important to enter
Common Namewhen asked. This is to make your browser believe the certificate is owned by the
Add localhost.ssl to your hosts fileCopy
echo "127.0.0.1 localhost.ssl" | sudo tee -a /etc/hosts
Put the attached initializer into
config/initializers. It monkey-patches the
ForceSSLmodule to work in development and incorporates two custom config settings:
config.use_ssl = false. (Turn off SSL generally.)
config.use_ssl = true. (Turn on SSL in production.)
config.use_ssl = trueand
config.ssl_port = 3001. (Turn on SSL in development and point your app to port
force_sslto any controller you need. You may provide
:only => :some_actionand
:except => :some_unsafe_actionas options.
thin start -p 3001 --ssl --ssl-key-file ~/.ssl/server.key --ssl-cert-file ~/.ssl/server.crt
-ptells thin to bind to port
3001. To have a
httpdevelopment server running at the same time, start it with
thin start -p 3000. (To run your application with thin, add
gem 'thin'to your Gemfile.)
Point your browser to
http://localhost:3000. You should be redirected to
https://localhost:3001/. Do not expose a client certificate if asked, cancel that alert. It will just work fine without.
Troubleshooting for Mac
All security and password matter is tracked by Keychain Access. When you've messed with your certificates, e.g. exposed a client certificate, start it up and type
localhost into the search field. It'll list your self-signed certificate and registered client certificates. Just delete the identity preference item(s) and it should work again.