我正在使用sqlite在Ubuntu上以开发模式运行rails 3.1。 rails服务器在端口3000上运行,我将nginx设置为proxy_pass端口80和443到端口3000.当我将config.force_ssl = true
放入我的Application.rb并重新启动rails服务器时,我收到一个错误,看起来喜欢:
Secure Connection Failed
An error occurred during a connection to localhost:3000.
SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)
The page you are trying to view can not be shown because the authenticity of the received data could not be verified.
Please contact the web site owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.
当我将其更改回config.force_ssl = false
并重新启动rails服务器时,我仍然收到错误[2011-12-30 09:48:02] ERROR bad URI 9W\x0Fe���h=9��ݔ|�#��)�/6\x00\x00H\x00��'
。在rails控制台中。如果我也清除浏览器缓存,这一切都会消失,一切都恢复正常。但是如何让force_ssl = true
工作?
以下是我的Application.rb的一部分:
module Regi
class Application < Rails::Application
# Settings in config/environments/* take precedence over those specified here.
# Application configuration should go into files in config/initializers
# -- all .rb files in that directory are automatically loaded.
config.generators do |g|
g.template_engine :haml
end
config.force_ssl = true
end
end
这是我的/ etc / nginx / sites-enabled / default:
server {
#listen 80; ## listen for ipv4; this line is default and implied
#listen [::]:80 default ipv6only=on; ## listen for ipv6
root /usr/share/nginx/www;
index index.html index.htm;
# Make site accessible from http://localhost/
server_name localhost;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.html
proxy_pass http://localhost:3000;
try_files $uri $uri/ /index.html;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root /usr/share/nginx/www;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# fastcgi_split_path_info ^(.+\.php)(/.+)$;
# # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
#
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# HTTPS server
server {
listen 443;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
ssl on;
ssl_certificate /usr/local/conf/ssl_keys/server.crt;
ssl_certificate_key /usr/local/conf/ssl_keys/server.key;
location / {
proxy_pass http://localhost:3000;
proxy_set_header X-Real-IP $remote_addr;
# root html;
# index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
答案 0 :(得分:2)
当我配置nginx ssl服务器时,我遇到了完全相同的错误消息。那是因为我没有ssl crt和key.And在你的nginx配置文件中,我注意到有crt和key。所以你确定crt和key都可以吗? 如果您不确定,可以尝试以下链接来创建self_assigned crt。 http://devcenter.heroku.com/articles/ssl-certificate-self
P.S。我想把这个答案附加为一个小评论,但似乎我没有这个权限
答案 1 :(得分:0)
ActionController :: ForceSSL告诉它在'开发'模式下不要重定向它。