在ubuntu上开发时无法使用Mongrel和Rails 3为SSL设置Apache

Question

I'm trying to setup apache2 so that I can try ssl in development on my rails 3 app on ubuntu.

The rails app works, except for https where in Fire Fox i get:

The connection was interrupted 
The connection to localhost:3000 was interrupted while the page was loading.

In the console i get:

Thu Oct 14 15:56:28 +1100 2010: HTTP parse error, malformed request (127.0.0.1):
#<Mongrel::HttpParserError: Invalid HTTP format, parsing fails.>
Thu Oct 14 15:56:28 +1100 2010: REQUEST DATA: "\200U\001\003\000\000<\000\000\000\020\000\000\210\000\000\207\000\0008\000\000\204\000\0005\000\0009\000\000E\000\000D\000\0003\000\0002\000\000\226\000\000A\000\000\004\000\000\005\000\000/\000\000\026\000\000\023\000\376\377\000\000\n\000\000\377[������-V\214�e\277P-"
---
PARAMS: {}
---

I get the above console error whether Apache is running or not when using https. Which makes me think https localhost:3000 requests are never passing through Apache and instead going straight to mongrel which can't handle ssl.

Apache is working because if I go to http://localhost I get the default 'It Works' web page. I'm pretty sure the self signed certificates I created are also fine because going to https://localhost brings up the page in firefox asking if you trust the site and also lets me see the details of the certificate.

I've done a heap of googling and I've read through and tried a bunch of guides but many of them are a few years old and possibly out of date.

I ended up uninstalling apache2 and then reinstalling following this ubuntu guide https://help.ubuntu.com/10.04/serverguide/C/httpd.html It has a section on https configuration which I did and it creates this file -> /etc/apache2/site-available/default-ssl. It looks like this

<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost

DocumentRoot /var/www
<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>
<Directory /var/www/>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride None
    Order allow,deny
    allow from all
</Directory>

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
    AllowOverride None
    Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
    Order allow,deny
    Allow from all
</Directory>

ErrorLog /var/log/apache2/error.log

LogLevel warn

CustomLog /var/log/apache2/ssl_access.log combined

Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
    Options Indexes MultiViews FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from all
    Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>

SSLEngine on

SSLCertificateFile    /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key

<FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
    SSLOptions +StdEnvVars
</Directory>

BrowserMatch "MSIE [2-6]" \
    nokeepalive ssl-unclean-shutdown \
    downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

# Used by Rails. Mentioned in all the Rails SSL tutorials.
RequestHeader set X_FORWARDED_PROTO "https"

</VirtualHost>
</IfModule>

All I modified in there is the certificate and key locations, made it <VirtualHost *:443> instead of <VirtualHost _default_:443> and added the RequestHeader set X_FORWARDED_PROTO "https" line at the end as all the guides said to do. I'm not sure what else needs to be changed. At one point I did try setting the DocumentRoot to the public folder of my rails app but it didn't make a difference.

Apache restarts fine and there are no errors in the log.

I'm sure I must be really close to having it working but I've spent many hours over many days and just can't figure it out. My best guess is that I have something wrong or missing in the apache config file above.

My Questions are:

1. How do I know if the requests are actually going through apache?
2. If its not why is the https ssl request going through to mongrel and not being handled by apache?
3. What do I need to do to get it working?

Answer 1

I stuffed around for ages and still couldn't get it working with just apache so ended up following parts of this ubuntu rails guide and installing Passenger. Passenger was nice and quick to install and best of all https works now in development.

I guess I should put virtualHost *.80 in default and virtualHost *.443 in default-ssl but anyway this is what my sites-available/default-ssl file now looks like(store = rails app name):

<VirtualHost *:80>
  ServerName localhost
  DocumentRoot /home/daniel/www/store/public    
  <Directory /home/daniel/www/store/public>
    AllowOverride all              
    Options -MultiViews            
  </Directory>
</VirtualHost>

<VirtualHost *:443>
  ServerName localhost   
  SSLEngine on
  SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
  SSLCertificateFile /etc/ssl/certs/server.crt
  SSLCertificateKeyFile /etc/ssl/private/server.key
  RequestHeader set X_FORWARDED_PROTO 'https'
  DocumentRoot /home/daniel/www/store/public    
  <Directory /home/daniel/www/store/public>
     AllowOverride all              
     Options -MultiViews            
  </Directory>
</VirtualHost>

my httpd.conf file looks like this with settings for passenger and running rails in development mode using development database:

ServerName localhost
LoadModule passenger_module /usr/lib/ruby/gems/1.8/gems/passenger-3.0.0/ext/apache2/mod_passenger.so
PassengerRoot /usr/lib/ruby/gems/1.8/gems/passenger-3.0.0
PassengerRuby /usr/bin/ruby1.8
RailsEnv development
RackEnv development

I'm still not 100% sure on how all the ports work but I'm guessing by using http://localhost:3000 the 3000 bit makes it go direct to mongrel and not through apache and therefore why the ssl never worked before. With apache and passenger setup as above I now go to http://localhost or https://localhost and it goes through apache and now works.