Monday 3 March 2014

Textual Representation of logo

How to Use SSL in RAILS

Here Are the steps to be used in order to enable HTTPS in your rails web app .

Create SSL Certificate to Use HTTPS In Rails ENV (Rails Version > 3.0.0)

 # Self Signed SSL Certificate to Use with rails

  •  Go To Your Project Root Folder 
  •  Type “mkdir .ssl”
  •  Type “openssl req -new -newkey rsa:2048 -sha1 -days 365 -nodes -x509 -keyout .ssl/localhost.key -out .ssl/localhost.crt”   
Command Explanation:
# req      --> Create a new Request.
# -x509    --> The result of this will be an X.509 certificate, not a Certificate Signing request.

# -sha1    --> Make sure to use SHA1 as this certificate's hashing algorithm. (newer versions of OpenSSL should default to this)

# -newkey  --> create a new key.

# rsa:2048 --> the key will be of type RSA, and will be 2048 bits long

# -nodes   --> Don't encrypt the key


Here is the Sample Input for the following parameters:
Generating a 2048 bit RSA private key

....+++

..................................+++

unable to write 'random state'

writing new private key to '.ssl/localhost.key'

-----

You are about to be asked to enter information that will be incorporated

into your certificate request.

What you are about to enter is what is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will be a default value,

If you enter '.', the field will be left blank.

-----

Country Name (2 letter code) [AU]:IN

State or Province Name (full name) [Some-State]:RAJASTHAN

Locality Name (eg, city) []:Bhilwara

Organization Name (eg, company) [Internet Widgits Pty Ltd]:JavaRoots

Organizational Unit Name (eg, section) []:Rails

Common Name (e.g. server FQDN or YOUR name) []:RAILS DEV TEAM

Email Address []:railsdevteam@devteam.com


This will create following files in your SSL folder :
1. localhost.crt

2. localhost.key

Now After creating ssl files , following steps will be required :

  • Run “echo "127.0.0.1 localhost.ssl" | sudo tee -a /private/etc/hosts”
  • Edit you GemFile and add gem “thin”
  • Create a New Initializer file named ssl_config.rb add these lines:
    ActionController::ForceSSL::ClassMethods.module_eval do
      def force_ssl(options = {})
        config = Rails.application.config
    
        return unless config.use_ssl # <= this is new
    
        host = options.delete(:host)
        port = config.ssl_port if config.respond_to?(:ssl_port) && config.ssl_port.present? # <= this is also new
    
        before_filter(options) do
          if !request.ssl?# && !Rails.env.development? # commented out the exclusion of the development environment
            redirect_options = {:protocol => 'https://', :status => :moved_permanently}
            redirect_options.merge!(:host => host) if host
            redirect_options.merge!(:port => port) if port # <= this is also new
            redirect_options.merge!(:params => request.query_parameters)
            redirect_to redirect_options
          end
        end
      end
    end
    
    
    
  • Open your config/application.rb and add “config.use_ssl = false”
  • Now edit your enviroment files to
     development.rb => 
      “config.use_ssl = true”
      “config.ssl_port = 3000”
    
  • Now Add “force_ssl” to app/controllers/application_controller.rb at top priority.
  • Now Run your Server using this command:
     “thin start -p 3000 --ssl --ssl-verify --ssl-key-file .ssl/localhost.key --ssl-cert-file .ssl/localhost.crt”
    
    
Voila !! Now your rails server is configured to use HTTPS !!!


Njoy Coding in Rails.


A Big Thanks to Santosh for writing this post !!