webrick使用ssl做什么?

时间:2016-06-11 07:36:22

标签: ruby-on-rails ssl webrick

我有一个rails 4应用程序,我想在webrick上使用SSL运行它。我需要做什么?

我已经为域名添加了ssl证书,并且像这样添加了

捆绑exec rails s -e production -p 3001 --binding = 0.0.0.0

现在我收到了这个错误:

Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator at  to inform them of the time this error occurred, and the actions you performed just before this error.

More information about this error may be available in the server error log.

Additionally, a 500 Internal Server Error error was encountered while trying to use an ErrorDocument to handle the request.

Apache Server at domain.de Port 443

由于

为Apache HTTPS设置的指令

ProxyPreserveHost On
ProxyRequests On
ServerName domain.de
ServerAlias *.domain.de
ProxyPass / https://subdomain.domain.de:3001/
ProxyPassReverse / https://subdomain.domain.de:3001/
SSLEngine on

2 个答案:

答案 0 :(得分:5)

大多数人通过从webrick转换为thin(甚至更好,unicorn / puma / passenger)来解决这个问题。我不认为webrick是为生产而设计的。

您也可以在apache处终止SSL,以便webrick仅处理http。 (另外,假设Apache在同一个盒子上运行,你不需要绑定到0.0.0.0。Localhost会这样做,并且绑定到外部IP听起来像是一个安全漏洞。)

如果您真的想保持webrick并让它处理SSL,请按照this other answer中的说明更改bin/rails

答案 1 :(得分:0)

要使用ssl,只需在application.rb

中提供 
config.force_ssl = true

不推荐Webrick用于生产。现在,在生产中部署的最佳和最简单的方法是使用nginx与乘客或Puma。

Nginx with Phusion Passenger

您可以查看官方文档here这是非常简单且逐步的过程。

乘客的宝石

gem "passenger", ">= 5.0.25", require: "phusion_passenger/rack_handler"

Nginx与Puma

安装Puma gem将其添加到您的Gemfile 

gem "puma"

在应用程序根目录中创建Procfile。 Procfile for simple puma 

web: bundle exec puma -C config/puma.rb

goto / create config / initializers / puma.rb

编辑worker旁边的值以匹配您的服务器核心。这就是我的文件的外观。

workers 2 #Change this to match the number of cores in your sever.My server has 2 cors
threads_count = Integer(ENV['MAX_THREADS'] || 5)
threads threads_count, threads_count

preload_app!

rackup      DefaultRackup
port        ENV['PORT']     || 3000
environment ENV['RACK_ENV'] || 'development'

on_worker_boot do
  # Worker specific setup for Rails 4.1+
  # See: https://devcenter.heroku.com/articles/deploying-rails-applications-with-the-puma-web-server#on-worker-boot
  ActiveRecord::Base.establish_connection
end

Nginx文件配置

server {
    listen 80;
    listen 443 ssl;

    server_name servername.com;

    ssl_certificate /root/cert_chain.crt;
    ssl_certificate_key /root/mycert.key;

    # Tell Nginx and Passenger where your app's 'public' directory is
    path to your apps public folder

    # Turn on Passenger
    passenger_enabled on;
    passenger_ruby /root/.rbenv/shims/ruby;

    # vary encoders

   gzip on;
   gzip_min_length  1100;
   gzip_buffers  4 32k;
   gzip_types    text/plain application/json application/x-javascript text/xml text/css text/javascript;
   gzip_vary on;

}
相关问题
最新问题