17

I have a Rails app running a thin server on Heroku. It currently uses http. I would like to use https for both development and production. Where do I begin to do this?

I have looked at this railscast where they show how to use a POW server. I don't want to use a POW server, I want to use a Thin server.

I also looked here: But here they assume that you have OpenSSL installed.

I haven't found any place which shows how to run https on a thin server from scratch.

I was wondering if anyone has any suggestions.

Thanks

banditKing

3 Answers

26

Try this:

$ thin start --ssl

You will need a separate instance if you want both ssl and non-ssl ports.

Tanzeeb Khalili
  • I run `thin start -e production --ssl --ssl-key-file ~/.ssl/.key --ssl-cert-file ~/.ssl/bundle.crt`. Both my .key file and the .crt file are in place. The server starts fine but I cannot access any of my API endpoints anymore. What more must be done so that I can access all of my endpoints but with the `https://` prefix? – ancajic Oct 08 '16 at 18:33
  • For anyone wondering: `thin --ssl` uses a default SSL cert (via `eventmachine`) when the cert file and key file aren't specified. The name on the cert is odd: https://github.com/eventmachine/eventmachine/issues/681 You wouldn't want to use this in production. – Nathan Long May 17 '17 at 19:06
26

I don't know if you need it, but this helped me:

    thin start --ssl --ssl-verify --ssl-key-file ssllocal/server.key \
      --ssl-cert-file ssllocal/server.crt

Edit the path to the SSL key and SSL file. For example, my keys were in the paypal folder, so the command was:

    thin start --ssl --ssl-verify --ssl-key-file paypal/server.key \
      --ssl-cert-file paypal/server.crt

If you have problems, you can look at this post - Thin with SSL support and ruby-debug.

Hope this helps.

Community
deny7ko
8

You should use thin to do it:

$ sudo apt-get install thin

And add this line in config/application.rb:

config.force_ssl = true

Then run the app on thin from the command line:

$ thin start --ssl
Hieu Le
  • 2
    Warning if you're just experimenting: using `force_ssl` will, among other things, enable HTTP Strict Transport Security. So your browser will be told "ONLY use https on this domain." If the domain is `localhost`, that may confuse you later. You can Google how to clear HSTS in your browser. – Nathan Long May 17 '17 at 19:09
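
An added example, not part of any answer above: one way to produce the `server.key` and `server.crt` that `--ssl-key-file` and `--ssl-cert-file` expect, using Ruby's bundled `openssl` library rather than the OpenSSL command-line tool. The function names, the `localhost`/`127.0.0.1` names and the 30-day lifetime are assumptions; the certificate is self-signed and meant for development only.

```ruby
require "openssl"
require "fileutils"

# Build a self-signed certificate for local HTTPS development only.
# Returns [key, cert]. Host names, IPs and lifetime are assumed defaults.
def dev_cert(hosts: ["localhost"], ips: ["127.0.0.1"], days: 30)
  key = OpenSSL::PKey::RSA.new(2048)

  cert = OpenSSL::X509::Certificate.new
  cert.version = 2                      # X.509 v3, required for extensions
  cert.serial = OpenSSL::BN.rand(64)    # random serial number
  cert.subject = OpenSSL::X509::Name.new([["CN", hosts.first]])
  cert.issuer = cert.subject            # self-signed: issuer == subject
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60       # small allowance for clock skew
  cert.not_after = Time.now + days * 86_400

  ef = OpenSSL::X509::ExtensionFactory.new
  ef.subject_certificate = cert
  ef.issuer_certificate = cert
  # Browsers match the host against subjectAltName, not the CN.
  san = (hosts.map { |h| "DNS:#{h}" } + ips.map { |i| "IP:#{i}" }).join(",")
  cert.add_extension(ef.create_extension("basicConstraints", "CA:FALSE", true))
  cert.add_extension(ef.create_extension("keyUsage", "digitalSignature,keyEncipherment", true))
  cert.add_extension(ef.create_extension("extendedKeyUsage", "serverAuth"))
  cert.add_extension(ef.create_extension("subjectAltName", san))

  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  [key, cert]
end

# Write the pair into dir; the private key is created with mode 0600.
def write_pair(dir, key, cert)
  FileUtils.mkdir_p(dir)
  key_path = File.join(dir, "server.key")
  crt_path = File.join(dir, "server.crt")
  File.open(key_path, File::WRONLY | File::CREAT | File::TRUNC, 0o600) { |f| f.write(key.to_pem) }
  File.write(crt_path, cert.to_pem)
  [key_path, crt_path]
end

# Run as: ruby make_dev_cert.rb ssllocal   (script name is hypothetical)
if $PROGRAM_NAME == __FILE__ && (dir = ARGV.first)
  key_path, crt_path = write_pair(dir, *dev_cert)
  puts "thin start --ssl --ssl-key-file #{key_path} --ssl-cert-file #{crt_path}"
end
```

Browsers will show a trust warning for this certificate until it is added to the local trust store; keep the generated key out of version control.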