tags:

views:

225

answers:

3
+1  Q: 

SSL configuration

I am trying to setup the ssl_requirement plugin. For my users controller I would like to require ssl for new and create. When I open users/new the browser redirects to https but I get an unable to connect error message. The application error log says :

Filter chain halted as [:ensure_proper_protocol] rendered_or_redirected.

I am not sure if I have configured the plugin incorrectly or if I made an error with the nginx configuration.

A: 

Make sure your form_for uses a secure url:

form_for @user, :url => user_path(:secure => true)
Jonathan Julian  2010-03-23 02:37:56
I didn't realize this was needed; don't recall seeing it in the plugin readme.
kit  2010-03-23 03:17:07
It probably doesn't say this in the documentation and the reason isn't exactly clear, but the main gist of it is this: Assume you have a page that **only** accepts posts over https (using `ssl_requirement`). If you `post` to that form over http, it will redirect and re-post over https; however, the initial damage is done as the data was sent at least **once** over http. Basically -- be careful how you use this and make sure you're not entirely relying on the gem.
jerhinesmith  2010-03-23 13:41:30
A: 

That sounds like what you should be seeing. The request was recognized as an http request and was redirected to be served over https.

If you're on your development machine, it's going to redirect you to https://localhost/rest_of_url, so if you don't have a server running on your machine on port 443, then it's going to throw an error.

Is your browser not getting redirected?

jerhinesmith  2010-03-23 02:40:17
I am trying to work this out on a production server actually. The page does redirect from http to https for users/new but the browser says unable to connect.
kit  2010-03-23 03:07:55
How can i test nginx port 443 to see if the ssl setup is corrent?
kit  2010-03-23 03:52:06
I believe you'll have to specify a `server` in your nginx config file that listens to port 443. This site has an example configuration with an app running on 443: http://articles.slicehost.com/2007/12/19/ubuntu-gutsy-nginx-ssl-and-vhosts
jerhinesmith  2010-03-23 13:19:25
It looks like a nginx configuration issue. I am unable to start nginx and I get this error: Starting nginx: [emerg]: unknown directive "ssl" in /opt/nginx/conf/nginx.conf:123. That line is : ssl_certificate /etc/ssl/localcerts/domain_combined.crt;
kit  2010-03-23 19:11:18
A: 

It looks like when I installed nginx through passenger I did not get the ssl module. I went back and installed nginx from source on it own.

kit  2010-03-23 23:45:02

related questions

Is there a rake task for backing up the data in your database?
How to represent cross-model information in MVC?
WYSIWYG editor gem for Rails?
Best Solution For Authentication in Ruby on Rails
Acts-as-readable Rails plugin Issue
Associating source and search keywords with account creation
Any tips on getting Rails to run with an Access back-end?
Being as DRY as possible in a Ruby on Rails App
How Do You Secure database.yml?
What IDE to use for developing in Ruby on Rails on windows?
Is Ruby On Rails ready for the Enterprise?
OpenID authentication in Ruby on Rails
Why Doesn't My Cron Job Work Properly?
Why does sqlite3-ruby-1.2.2 not work on OS X?
Ruby mixins and calling super methods
Why all the Active Record hate?
Haml: how do I set a dymanic class value?
Learning Ruby on Rails any good for Grails?
How to sell Python to a client/boss/person with lots of cash
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
Ruby On Rails with Windows Vista - Best Setup?
What is good forum software to add to an existing Rails application?
How do I fix 'Unprocessed view path found' error with ExceptionNotifier plugin in rails 2.1?
Frequent SystemExit in Ruby when making HTTP calls
Implementation of "Remember me" in a Rails application.