I'm trying to setup apache2 so that I can try ssl in development on my rails 3 app on ubuntu.
The rails app works, except for https where in Fire Fox i get:
The connection was interrupted
The connection to localhost:3000 was interrupted while the page was loading.
In the console i get:
Thu Oct 14 15:56:28 +1100 2010: HTTP parse error, malformed request (127.0.0.1):
#<Mongrel::HttpParserError: Invalid HTTP format, parsing fails.>
Thu Oct 14 15:56:28 +1100 2010: REQUEST DATA: "\200U\001\003\000\000<\000\000\000\020\000\000\210\000\000\207\000\0008\000\000\204\000\0005\000\0009\000\000E\000\000D\000\0003\000\0002\000\000\226\000\000A\000\000\004\000\000\005\000\000/\000\000\026\000\000\023\000\376\377\000\000\n\000\000\377[������-V\214�e\277P-"
---
PARAMS: {}
---
I get the above console error whether Apache is running or not when using https. Which makes me think https localhost:3000 requests are never passing through Apache and instead going straight to mongrel which can't handle ssl.
Apache is working because if I go to http://localhost I get the default 'It Works' web page. I'm pretty sure the self signed certificates I created are also fine because going to https://localhost brings up the page in firefox asking if you trust the site and also lets me see the details of the certificate.
I've done a heap of googling and I've read through and tried a bunch of guides but many of them are a few years old and possibly out of date.
I ended up uninstalling apache2 and then reinstalling following this ubuntu guide https://help.ubuntu.com/10.04/serverguide/C/httpd.html It has a section on https configuration which I did and it creates this file -> /etc/apache2/site-available/default-ssl. It looks like this
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
LogLevel warn
CustomLog /var/log/apache2/ssl_access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
# Used by Rails. Mentioned in all the Rails SSL tutorials.
RequestHeader set X_FORWARDED_PROTO "https"
</VirtualHost>
</IfModule>
All I modified in there is the certificate and key locations, made it
<VirtualHost *:443>
instead of
<VirtualHost _default_:443>
and added the RequestHeader set X_FORWARDED_PROTO "https" line at the end as all the guides said to do. I'm not sure what else needs to be changed. At one point I did try setting the DocumentRoot to the public folder of my rails app but it didn't make a difference.
Apache restarts fine and there are no errors in the log.
I'm sure I must be really close to having it working but I've spent many hours over many days and just can't figure it out. My best guess is that I have something wrong or missing in the apache config file above.
My Questions are:
- How do I know if the requests are actually going through apache?
- If its not why is the https ssl request going through to mongrel and not being handled by apache?
- What do I need to do to get it working?