Here is how to start your Rails application to accept both HTTP and HTTPS in development.

1. gem install passenger

2. Create a self-signed SSL certificate. Store the generated files in config/passenger-standalone-ssl.

3. Create a Passengerfile.json at the project root with this content (or save the attached file):

   {
     "ssl": true,
     "ssl_port": 3001,
     "ssl_certificate": "config/passenger-standalone-ssl/server.crt",
     "ssl_certificate_key": "config/passenger-standalone-ssl/server.key"
   }
   

   If you just want to run Passenger without a config file, use this command to start Passenger:

   passenger start --ssl --ssl-port 3001 --ssl-certificate config/passenger-standalone-ssl/server.crt --ssl-certificate-key config/passenger-standalone-ssl/server.key
   

4. passenger start

5. Connect to https://localhost:3000/ for HTTP, to https://localhost:3001/ for HTTPS.

Warnings from chrome might not be accurate

Even though the certificate is working locally, chrome might still complain that the certificate is not valid and the connection is not secure while blotting out the "https" part of the url.

Rails Long Term Support

Rails LTS provides security patches for old versions of Ruby on Rails (2.3, 3.2, 4.2 and 5.2)

• Prevents you from data breaches and liability risks
• Upgrade at your own pace
• Works with modern Rubies

Read more Show archive.org snapshot