
SSL rails nginx

I am trying to install an SSL certificate that I recently acquired from GoDaddy. My web application is on Rails 4.2.6 and I am using an Ubuntu Server 14.04. I am also using Phusion Passenger 5.0.28 and Nginx. I don't know if it makes any difference, but I launched the instance using AWS' EC2.

I created a combined file using the two .crt files sent by GoDaddy.

When I edit my application.rb file:

config.force_ssl = true

I receive the following error:

ERR_CONNECTION_TIMED_OUT

There are two files that I have tried editing, with no success so far:

  1. nginx.conf. The server block currently looks like this:

     server {
         listen 443 ssl;
         server_name localhost;

         ssl_certificate /var/www/primeraraiz5/primeraraiz_combined.crt;
         ssl_certificate_key /var/www/primeraraiz5/primeraraiz.com.key;
         ssl_session_cache shared:SSL:1m;
         ssl_session_timeout 5m;
         ssl_ciphers HIGH:!aNULL:!MD5;
         ssl_prefer_server_ciphers on;

         location / {
             root html;
             index index.html index.htm;
         }
     }
     include /etc/nginx/sites-enabled/*;

  2. rails.conf (in a sites-available directory, which is “symbolically linked” to the sites-enabled directory). The server block looks like this:

     server {
         listen 443 ssl;
         passenger_enabled on;
         passenger_app_env production;
         root /var/www/primeraraiz5/public;
         server_name 52.39.200.205 primeraraiz.com;
     }
     server {
         server_name www.primeraraiz.com;
         return 301 $scheme://primeraraiz.com$request_uri;
     }

I don't know if I am doing something wrong in these files or if I should change any settings at AWS or with the company that currently hosts my domain.

Thanks a lot for your help!

There are a couple of things to do to your configuration.

The first is the server block containing the redirect. Since you haven't provided us with a server that's listening on port 80, I assume that you want to redirect all requests to http://www.primeraraiz.com to HTTPS. If so, replace $scheme with https so that your block looks as follows:

server {
    server_name www.primeraraiz.com;
    return 301 https://primeraraiz.com$request_uri;
}

Next, the SSL offloading needs to happen in the server block from which you're serving. In your case, you're offloading SSL for server name localhost, and not for primeraraiz.com, which is what I assume you're trying to do. So copy the SSL parameters of your first server block to the one that has server name primeraraiz.com to end up with:

server {
    listen 443 ssl;
    server_name 52.39.200.205 primeraraiz.com;

    ssl_certificate /var/www/primeraraiz5/primeraraiz_combined.crt;
    ssl_certificate_key /var/www/primeraraiz5/primeraraiz.com.key;
    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers  on;

    passenger_enabled on;
    passenger_app_env production;
    root /var/www/primeraraiz5/public;
}
