top button
Flag Notify
    Connect to us
      Facebook Login
      Site Registration Why to Join

Facebook Login
Site Registration

SSL with Thin Server for RoR website

+1 vote
74 views

I have added force_ssl in ApplicationController. Then thin start --ssl. It took me to https, but with red cross. i.e. Not trusted site.

I tried with creating the certificate with - http://www.napcsweb.com/blog/2013/07/21/rails_ssl_simple_wa/
Still the same. Can anyone suggest?

posted Jan 6, 2014 by Kumar Mitrasen

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

+1 vote

Yes, unless you trust your own certificate or create your own authority and trust it. For development an untrusted local certificate is just fine, for the public (even though now days it might be worthless) you'll need another authority to sign your certificate for it to gain trust because that's the way things are right now.

answer Jan 6, 2014 by Ahmed Patel
Similar Questions
+4 votes

The ssl cert on my apache server have expired. It is actually a server at work - a important one as well so I'm a bit stressed at the moment.

The cert is renewed and I have received the cert files. I'm now trying to install them but I can't get it to work.

I thought it was as simple as just copying the new crt file to the server and restart apache but apache start fails.

I see this in the log:

509 certificate routines:X509_check_private_key:key values mismatch

Server: Apache 2.2.22 on Ubuntu 12.04. How does one install a renewed ssl cert? Do I need to create a new private key and ca-bundle? Please point me in the right direction.

+4 votes

We want to set up SSL client authentication and we will only have a single client that we want to allow through to the website.

Is it possible to allow just a single certificate to authenticate by just specifying that one cert in SSLCACertificateFile? i.e. without specifying the CA cert instead?

If so, would my SSLVerifyDepth then be zero?

Are there any reasons I might not have thought about why this isn't a good idea or any other considerations?

+1 vote

My Ruby on Rails App needs to connect to a ODBC Datasource that has SSL only enabled.

Can somebody give me an example of connecting to a ODBC Source with SSL?

I constantly get SSL required error. I don't see the option of passing SSL Certificates via UnixODBC. May be something I am missing.

+1 vote

I'm wonder how most people securely connect to a Postgres database on a server separate from the app server.

The ActiveRecord docs for a MySQL connection have explicit SSL options, whereas with Postgres it seems one would pass SSL options as documented for libpq.

However a quick Googling returns SO threads with suggestions to use SSH tunnels. Which I guess could be managed with something like AutoSSH.

I'd love to hear from others. Is one method faster than the other, or easier to maintain?

Contact Us
+91 9880187415
sales@queryhome.net
support@queryhome.net
#280, 3rd floor, 5th Main
6th Sector, HSR Layout
Bangalore-560102
Karnataka INDIA.
QUERY HOME
...