Implementing HTTPS with WEBrick?


#1

All,

I would like to test some secure pages that I’m developing in my
WEBrick-based development environment.

I’ve done some research and it appears that I need to create a new
command that will start a HTTPS based WEBrick server. Is this correct?

Also, it appears that the https.rb module is not included with the
WEBrick bundled in Rails. So, I will need to go get that piece, right?

Lastly, do I need to set up a cert. of my own on the server side to test
with?

Thanks,
Wes


#2

Wes G. wrote:

All,

I would like to test some secure pages that I’m developing in my
WEBrick-based development environment.

I’ve done some research and it appears that I need to create a new
command that will start a HTTPS based WEBrick server. Is this correct?

Also, it appears that the https.rb module is not included with the
WEBrick bundled in Rails. So, I will need to go get that piece, right?

Lastly, do I need to set up a cert. of my own on the server side to test
with?

Thanks,
Wes

I found this:

http://lists.rubyonrails.org/pipermail/rails/2006-January/012432.html

and it appears to successfully start up a SSL Webrick for me.

I also found where all of the WEBrick stuff was stored in the standard
library for 1.8.4.

But I’d like to understand more about how that script works.

  1. What does OpenSSL::SSL::VERIFY_NONE do?
  2. I assume that the ::SSLCertName tells WEBrick to cause a SSL cert. to
    be generated? Is that correct?

Thanks,
Wes


#3

Wes G. wrote:

Wes G. wrote:

All,

I would like to test some secure pages that I’m developing in my
WEBrick-based development environment.

I’ve done some research and it appears that I need to create a new
command that will start a HTTPS based WEBrick server. Is this correct?

Also, it appears that the https.rb module is not included with the
WEBrick bundled in Rails. So, I will need to go get that piece, right?

Lastly, do I need to set up a cert. of my own on the server side to test
with?

Thanks,
Wes

I found this:

http://lists.rubyonrails.org/pipermail/rails/2006-January/012432.html

and it appears to successfully start up a SSL Webrick for me.

I also found where all of the WEBrick stuff was stored in the standard
library for 1.8.4.

But I’d like to understand more about how that script works.

  1. What does OpenSSL::SSL::VERIFY_NONE do?
  2. I assume that the ::SSLCertName tells WEBrick to cause a SSL cert. to
    be generated? Is that correct?

Thanks,
Wes

I am successfully running my SSL server, however, I am unable to use
redirect_to to do my redirects to a different port? How does one use
url_for to generate a URL for a specific port?

Thanks,
Wes


#4

Craig W. wrote:

On Tue, 2006-05-30 at 19:16 +0200, Wes G. wrote:

Also, it appears that the https.rb module is not included with the
http://lists.rubyonrails.org/pipermail/rails/2006-January/012432.html
be generated? Is that correct?

Thanks,
Wes

I am successfully running my SSL server, however, I am unable to use
redirect_to to do my redirects to a different port? How does one use
url_for to generate a URL for a specific port?


generally, you would use url:port#
i.e.
https://www.domain.com:81

Craig

I’d like to do something like this:

redirect_to :protocol => ‘https://’, :action => ‘login_form’

but be able to specify the port.

I tried using :host => request.host + ‘:3001’ but it didn’t work.

Do I specify additional params to url_for or do I just set up a route to
always build an https URL with a port of 3001?

Wes


#5

On Tue, 2006-05-30 at 19:16 +0200, Wes G. wrote:

Also, it appears that the https.rb module is not included with the
http://lists.rubyonrails.org/pipermail/rails/2006-January/012432.html
be generated? Is that correct?

Thanks,
Wes

I am successfully running my SSL server, however, I am unable to use
redirect_to to do my redirects to a different port? How does one use
url_for to generate a URL for a specific port?


generally, you would use url:port#
i.e.
https://www.domain.com:81

Craig


#6

Wes G. wrote:

Craig W. wrote:

On Tue, 2006-05-30 at 19:16 +0200, Wes G. wrote:

Also, it appears that the https.rb module is not included with the
http://lists.rubyonrails.org/pipermail/rails/2006-January/012432.html
be generated? Is that correct?

Thanks,
Wes

I am successfully running my SSL server, however, I am unable to use
redirect_to to do my redirects to a different port? How does one use
url_for to generate a URL for a specific port?


generally, you would use url:port#
i.e.
https://www.domain.com:81

Craig

I’d like to do something like this:

redirect_to :protocol => ‘https://’, :action => ‘login_form’

but be able to specify the port.

I tried using :host => request.host + ‘:3001’ but it didn’t work.

Do I specify additional params to url_for or do I just set up a route to
always build an https URL with a port of 3001?

Wes

A cursory reading of the URL rewriting code shows that if you want to
override the port, then you must do it as part of the host, using
something like

url_for :host => request.host + ‘:####’ where #### is the name of the
new port.

Wes