如何配置 WEBrick 以通过 HTTPS 使用中间证书？

发布于 2024-12-27 00:11:02 字数 708 浏览 1 评论 0原文

我当前在 Rails 应用程序中使用以下选项来通过 WEBrick 启用 HTTPS：

{
    :Port => 3000,
    :environment => (ENV['RAILS_ENV'] || "development").dup,
    :daemonize => false,
    :debugger => false,
    :pid => File.expand_path("tmp/pids/server.pid"),
    :config => File.expand_path("config.ru"),
    :SSLEnable => true,
    :SSLVerifyClient => OpenSSL::SSL::VERIFY_NONE,
    :SSLPrivateKey => OpenSSL::PKey::RSA.new(
        File.open("certificates/https/key.pem").read),
    :SSLCertificate => OpenSSL::X509::Certificate.new(
        File.open("certificates/https/cert.pem").read),
    :SSLCertName => [["CN", WEBrick::Utils::getservername]]
}

我将如何指定中间证书？

原文

I am currently using the following options in my Rails app to enable HTTPS with WEBrick:

{
    :Port => 3000,
    :environment => (ENV['RAILS_ENV'] || "development").dup,
    :daemonize => false,
    :debugger => false,
    :pid => File.expand_path("tmp/pids/server.pid"),
    :config => File.expand_path("config.ru"),
    :SSLEnable => true,
    :SSLVerifyClient => OpenSSL::SSL::VERIFY_NONE,
    :SSLPrivateKey => OpenSSL::PKey::RSA.new(
        File.open("certificates/https/key.pem").read),
    :SSLCertificate => OpenSSL::X509::Certificate.new(
        File.open("certificates/https/cert.pem").read),
    :SSLCertName => [["CN", WEBrick::Utils::getservername]]
}

How would I go about specifying an intermediate certificate?

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

嘦怹 2025-01-03 00:11:02

经过额外一个小时的谷歌搜索关键词后，我终于找到了答案。以下是定义中间证书的选项：

:SSLExtraChainCert => [
    OpenSSL::X509::Certificate.new(
      File.open("certificates/intermediate.crt").read)]

请注意，该选项需要一个 Array 对象，允许您根据需要包含多个证书。

I managed to find an answer after an extra hour of googling for keywords. Here is the option to define an intermediate certificate:

:SSLExtraChainCert => [
    OpenSSL::X509::Certificate.new(
      File.open("certificates/intermediate.crt").read)]

Note that the option requires an Array object, allowing to you include multiple certificates if needed.

回复收藏 0 原文

请别遗忘我 2025-01-03 00:11:02

如果您使用的是 Rails 3，则将 script/rails 文件修改为

#!/usr/bin/env ruby
# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
require 'rubygems' # if ruby 1.8.7 
require 'rails/commands/server'
require 'rack'
require 'webrick'
require 'webrick/https'

module Rails
    class Server < ::Rack::Server
        def default_options
            super.merge({
                :Port => 3000,
                :environment => (ENV['RAILS_ENV'] || "development").dup,
                :daemonize => false,
                :debugger => false,
                :pid => File.expand_path("tmp/pids/server.pid"),
                :config => File.expand_path("config.ru"),
                :SSLEnable => true,
                :SSLVerifyClient => OpenSSL::SSL::VERIFY_NONE,
                :SSLPrivateKey => OpenSSL::PKey::RSA.new(
                       File.open("/key/vhost1.key").read),
                :SSLCertificate => OpenSSL::X509::Certificate.new(
                       File.open("/crt/vhost1.crt").read),
                :SSLCertName => [["CN", WEBrick::Utils::getservername]],
            })
        end
    end
end

APP_PATH = File.expand_path('../../config/application',  __FILE__)
require File.expand_path('../../config/boot',  __FILE__)
require 'rails/commands'

上面的代码是根据将 WEBrick 配置为在 Rails 3 中使用 SSL。这对我有用。

If you are using rails 3, then modify the script/rails file as

#!/usr/bin/env ruby
# This command will automatically be run when you run "rails" with Rails 3 gems installed from the root of your application.
require 'rubygems' # if ruby 1.8.7 
require 'rails/commands/server'
require 'rack'
require 'webrick'
require 'webrick/https'

module Rails
    class Server < ::Rack::Server
        def default_options
            super.merge({
                :Port => 3000,
                :environment => (ENV['RAILS_ENV'] || "development").dup,
                :daemonize => false,
                :debugger => false,
                :pid => File.expand_path("tmp/pids/server.pid"),
                :config => File.expand_path("config.ru"),
                :SSLEnable => true,
                :SSLVerifyClient => OpenSSL::SSL::VERIFY_NONE,
                :SSLPrivateKey => OpenSSL::PKey::RSA.new(
                       File.open("/key/vhost1.key").read),
                :SSLCertificate => OpenSSL::X509::Certificate.new(
                       File.open("/crt/vhost1.crt").read),
                :SSLCertName => [["CN", WEBrick::Utils::getservername]],
            })
        end
    end
end

APP_PATH = File.expand_path('../../config/application',  __FILE__)
require File.expand_path('../../config/boot',  __FILE__)
require 'rails/commands'

The above code was modified from the example in Configuring WEBrick to use SSL in Rails 3. This worked for me.

回复收藏 0 原文

~没有更多了~