Posted over 5 years ago. Visible to the public. Linked content.

Using Thin for development (with SSL)

Note: These instructions are for a quick per-project setup and may require you to change code. If you generally need SSL for development, you probably want to use Passenger.


  1. Create a directory .ssl in your home directory. Go there and create a self-signed certificate. It is important to enter localhost.ssl as Common Name when asked. This is to make your browser believe the certificate is owned by the localhost domain.

  2. Add localhost.ssl to your hosts file

    Copy
    echo "127.0.0.1 localhost.ssl" | sudo tee -a /etc/hosts
  3. Put the attached initializer into config/initializers. It monkey-patches the ForceSSL module to work in development and incorporates two custom config settings: use_ssl and ssl_port.

  4. In your application.rb, add config.use_ssl = false. (Turn off SSL generally.)

  5. In your environments/production.rb add config.use_ssl = true. (Turn on SSL in production.)

  6. In your environments/development.rb add config.use_ssl = true and config.ssl_port = 3001. (Turn on SSL in development and point your app to port 3001.)

  7. Add force_ssl to any controller you need. You may provide :only => :some_action and :except => :some_unsafe_action as options.

  8. Boot thin

    Copy
    thin start -p 3001 --ssl --ssl-key-file ~/.ssl/server.key --ssl-cert-file ~/.ssl/server.crt

    The option -p tells thin to bind to port 3001. To have a http development server running at the same time, start it with thin start -p 3000. (To run your application with thin, add gem 'thin' to your Gemfile.)

  9. Point your browser to http://localhost:3000. You should be redirected to https://localhost:3001/. Do not expose a client certificate if asked, cancel that alert. It will just work fine without.

Troubleshooting for Mac

All security and password matter is tracked by Keychain Access. When you've messed with your certificates, e.g. exposed a client certificate, start it up and type localhost into the search field. It'll list your self-signed certificate and registered client certificates. Just delete the identity preference item(s) and it should work again.

Growing Rails Applications in Practice
Check out our new e-book:
Learn to structure large Ruby on Rails codebases with the tools you already know and love.

Owner of this card:

Avatar
Dominik Schöler
Last edit:
over 4 years ago
Attachments:
ssl_patch_for_development.rb
About this deck:
We are makandra and do test-driven, agile Ruby on Rails software development.
License for source code
Posted by Dominik Schöler to makandra dev
This website uses cookies to improve usability and analyze traffic.
Accept or learn more