Hi guys and gals too :),
Am back after a fair long interval this time, ya ya same old reason was busy with office and all. But recently did something good(if not unusual).
And the heading is telling it very correct, did implemented the SSL and used https for some of my pages in rubyonrails.
As many of my readers know, i am new to ubuntu so is new to apache too(initially i used to think, these dealings are sort of system admin stuff) but hey after all it is a software and some bit of configurations.. so i thought lets do it.. and i did it...
So now trimming all the conversation.. the aim of my application was to implement https(SSL) for the "payment gateway" and "pick package" page
and here is the solution
for the prerequisite purpose i assume that you have apache and ruby on rails setup in your system and you have an ROR application which needs https protocol for some of the pages
Step 00: Create a ssl certificate signed by yourself (by following these steps)
install the ssl-cert package
# to create a self-signed certificate.. it will open several dialog boxes, keep on answering the question in correct format(some 7-8 inquiries are there) and at the end you will have your self-signed certificate
Step 01: first of all enable the modes(for apache)
Step 02: set the virtual host
goto apache root directory(which is at /etc/apache2 in my case) and execute following commands
#to switch to apache directory
#to disable the default site(which have the default configuration of apache)
Step 03: edit the newly created ourapplication configuration, which is available at /etc/apache2/sites-available/ourapplication using any of your favorite editor
and it should look something lie this
Step 04: We also have to change the proxy configuration, so that proxy request can be handled as we desire it to do
change the setting from
previous proxy setting
Step 05: To reload the new setting so that apache can follow our rule..
if it gives some ouitpit like this
Step 06: Now all apache work is done, you had to do small amount of effort in your rails application and here they
a) install a plugin
b) include it in the application controller so that it can use ssl using
c) to use https on any particular action of some controller use
if you have any query just drop me a comment, otherwise all is well as expected :)
Am back after a fair long interval this time, ya ya same old reason was busy with office and all. But recently did something good(if not unusual).
And the heading is telling it very correct, did implemented the SSL and used https for some of my pages in rubyonrails.
As many of my readers know, i am new to ubuntu so is new to apache too(initially i used to think, these dealings are sort of system admin stuff) but hey after all it is a software and some bit of configurations.. so i thought lets do it.. and i did it...
So now trimming all the conversation.. the aim of my application was to implement https(SSL) for the "payment gateway" and "pick package" page
and here is the solution
for the prerequisite purpose i assume that you have apache and ruby on rails setup in your system and you have an ROR application which needs https protocol for some of the pages
Step 00: Create a ssl certificate signed by yourself (by following these steps)
install the ssl-cert package
sudo aptitude install ssl-cert
# to create a self-signed certificate.. it will open several dialog boxes, keep on answering the question in correct format(some 7-8 inquiries are there) and at the end you will have your self-signed certificate
sudo make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /path/to/ssl/certictare/selfsigned.pem
Step 01: first of all enable the modes(for apache)
sudo a2enmod ssl
sudo a2enmod proxy
sudo a2enmod rewrite
sudo a2enmod proxy_balancer
sudo a2enmod proxy_http
sudo a2enmod headers
Step 02: set the virtual host
goto apache root directory(which is at /etc/apache2 in my case) and execute following commands
#to switch to apache directory
cd /etc/apache2
#to disable the default site(which have the default configuration of apache)
sudo a2dissite default#create a new configuration for virtual host by copying the default site configuration and (rename 'ourapplication' with your application name)
sudo cp sites-available/default sites-available/ourapplication#to enable our application site configuration in apache
sudo a2ensite ourapplication
Step 03: edit the newly created ourapplication configuration, which is available at /etc/apache2/sites-available/ourapplication using any of your favorite editor
sudo gedit /etc/apache2/sites-available/ourapplication
and it should look something lie this
<VirtualHost *:80>
ServerName ourapplication
ProxyPass / http://somename.com:3000/
ProxyPassReverse / http://somename.com:3000/
</VirtualHost>
<VirtualHost *:443>
ServerName ourapplication
ProxyPass / http://somename.com:3000/
ProxyPassReverse / http://somename.com:3000/
ProxyPreserveHost On
RequestHeader set X_FORWARDED_PROTO 'https'
SSLEngine On
SSLProxyEngine On
SSLCertificateFile /path/to/self/signed/certificate/selfsigned.pem
SSLProxyMachineCertificateFile /path/to/self/signed/certificate/selfsigned.pem
</VirtualHost>
Step 04: We also have to change the proxy configuration, so that proxy request can be handled as we desire it to do
sudo gedit /etc/apache2/mods-available/proxy.conf
change the setting from
previous proxy setting
<proxy>to new proxy setting
AddDefaultCharset off
Order deny,allow
Deny from all
Allow from .example.com
</proxy>
<proxy>
AddDefaultCharset off
Order deny,allow
Allow from all
</proxy>
Step 05: To reload the new setting so that apache can follow our rule..
sudo /etc/init.d/apache2 force-reload(but it should not give any error, and it will not if no wrong is done to it form the above mentioned procedures)
if it gives some ouitpit like this
* Reloading web server config apache2
apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1 for ServerName
Step 06: Now all apache work is done, you had to do small amount of effort in your rails application and here they
a) install a plugin
ruby script/plugin install ssl_requirement
b) include it in the application controller so that it can use ssl using
include SslRequirement
c) to use https on any particular action of some controller use
class EcommerceController < ApplicationController
ssl_required :action_name_1, :action_name_2, :action_name_3
# some more codes..............
end
if you have any query just drop me a comment, otherwise all is well as expected :)
For SSL support on ubuntu 11.10 with apache2 you also have to mention the directory root path under virtual port : 443
ReplyDeleteServerName localhost
DocumentRoot /path/to/application/public/directory/public
SSLEngine on
SSLCertificateFile /path/of/ssl/self-signed-cert/selfsigned.pem
Thanks for such an amazing information. I have just read it. It really helps.
ReplyDeleteIf you are looking for other articles just visit customcollegevisits.com Thanks