如何让 Rails、SSL 和 Apache 更好地发挥作用?
尝试让我的 Rails 应用程序使用 SSL 提交一些敏感表单数据,但运气不佳。基本问题是,一旦我提交表单(这是在 POST 请求上),它就会挂起一分钟,然后说服务器没有响应。
这是我正在使用的:
Apache 2.2.3 轨道2.3.8 RedHat Linux(Rackspace 服务器)
使用 ssl_requirement 插件,如下所示:
ApplicationController:
class ApplicationController < ActionController::Base
include SslRequirement
helper :all # include all helpers, all the time
protect_from_forgery # See ActionController::RequestForgeryProtection for details
# Scrub sensitive parameters from your log
filter_parameter_logging :password
end
控制器 我想在操作上使用 SSL:
class RegistrationsController < ApplicationController
ssl_required :create
...
end
我的 httpd.conf 包含此行来获取 ssl.conf:
Include conf.d/*.conf
以及我的 SSL VHost (在conf.d/ssl.conf文件中)看起来像这样:
<VirtualHost XXX.XXX.XXX.XXX:443>
ServerName www.nameofmyapp.com
ServerAlias nameofmyapp.com
DocumentRoot /var/www/apps/myapp/current/public
RailsEnv production
RequestHeader set X_FORWARDED_PROTO 'https'
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/2012-nameofmyapp.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/2012-nameofmyapp.com.key
SSLCACertificateFile /etc/pki/tls/certs/SecureSite_Bundle.pem
</VirtualHost>
Trying to get my Rails app submitting some sensitive form data with SSL and not having too much luck. The basic problem is that once I submit a form (this is on a POST request), it just hangs for a minute and then says the server is not responding.
Here's what I'm working with:
Apache 2.2.3
Rails 2.3.8
RedHat Linux (Rackspace server)
Using the ssl_requirement plugin as follows:
ApplicationController:
class ApplicationController < ActionController::Base
include SslRequirement
helper :all # include all helpers, all the time
protect_from_forgery # See ActionController::RequestForgeryProtection for details
# Scrub sensitive parameters from your log
filter_parameter_logging :password
end
Controller I want to use SSL on an Action:
class RegistrationsController < ApplicationController
ssl_required :create
...
end
My httpd.conf includes this line to grab ssl.conf:
Include conf.d/*.conf
And my SSL VHost (in the conf.d/ssl.conf file) looks like this:
<VirtualHost XXX.XXX.XXX.XXX:443>
ServerName www.nameofmyapp.com
ServerAlias nameofmyapp.com
DocumentRoot /var/www/apps/myapp/current/public
RailsEnv production
RequestHeader set X_FORWARDED_PROTO 'https'
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/2012-nameofmyapp.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/2012-nameofmyapp.com.key
SSLCACertificateFile /etc/pki/tls/certs/SecureSite_Bundle.pem
</VirtualHost>
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
这就是我所做的,而且效果很好(尽管这是 OS X,而不是 Linux)
http://web.archive.org/web/ 20120919184321/http://shiningthrough.co.uk/Setting-up-an-SSL-enabled-Apache-development-server-using-Phusion-Passenger-on-OS-X-Snow-Leopard
This is what I have done, and it works great (although this is OS X, not Linux)
http://web.archive.org/web/20120919184321/http://shiningthrough.co.uk/Setting-up-an-SSL-enabled-Apache-development-server-using-Phusion-Passenger-on-OS-X-Snow-Leopard