Forum: Ruby on Rails ssl_requirement, https, webrick and ruby

Announcement (2017-05-07): www.ruby-forum.com is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see rubyonrails.org/community and ruby-lang.org/en/community for other Rails- und Ruby-related community platforms.
Thiago A. (Guest)
on 2006-04-15 20:05
(Received via mailing list)
My Rails application passwords were travelling over the network as
plain-text. Maybe the users wouldn't like it (I surely wouldn't), so I
decided to use some kind of encryption.

I have done my little research and found the ssl_requirement Rails
plugin and installed it. But when I try to access a secured page, I
can't establish a connection to the server. I thought this would be
because my development webserver (webrick) wasn't supporting
HTTPS/SSL.

What I really want to have is a server-independent way of having HTTPS
support (i.e. I don't want to have to reconfigure when I switch
servers). For the time being, I am trying to edit my script/server to
start a ssl-enabled webrick instead of the default one. But I can't
get it done because of a failure with the openssl library.

So now I am struggling with Rails and Webrick to get them speaking
HTTPS. Seems like webrick supports it (at least it is advertised on
theirpage), but when I try

require 'webrick/https'

I get the following error:

LoadError: no such file to load -- openssl

Seems like the openssl library should have been installed with Ruby,
but it wasn't. This seems to be a known bug (I found a bug report on
the rubyforge Ruby tracker). I have tried to manually install the ruby
pki library (which includes openssl), but the download link on their
page is broken for me.

Any thoughts on this? Can I enable SSL support on webrick without all
this script/server hackery? Also, are there any other options that
would give me an acceptable security level without all this SSL stuff?

Cheers,

Thiago A.
This topic is locked and can not be replied to.