SSL problems with RoR, MySQL and Apace

Rails
1

Hello All -

       This is my first post into this forum and somewhat of a newb

to RoR so I’m hoping someone can help. I currently have a RoR app that
runs on Ubuntu with Apache and Mysql. There are two issues I’m having
and they are causing me to bang my head against the wall.

First one is RAILS_ENV: If I run ruby script/console it says that my
environment is development however if I run RAILS_ENV it says
production. I’m trying to find a way to permanently keep the
environment set to production either through the environment.rb or some
other method. I do have the RAILSENV production set in the VHost but it
seems as if that conflicts with the output of ruby script/console. If I
run export RAILS_ENV=production before running ruby script/console it
comes back in production mode up until I log of the shell and come back
in. Is there a way to permanently set the environment to production
without having to do RAILS_ENV=production everytime I need to do a rake
task?

Seconde Question: For all of our development, we have been running the
app via port 80 and all has worked fine. Now I need to implement SSL so
I got a certificate from a CA and installed it without any problems.
However when I bring up the application in a browser, the application
doesn’t seem like it connects to MySQL. The page loads and I see the
security lock but the menue (which is derived from MySQL) doesn’t load.
I have successfully made sure that the rails app can connect to MySQL
via command line by running ActiveRecord::Base.connection via the
console and it connects using the mysql socket. The MySQL is running on
the same server as the app so no outside connection is needed. If I
change my VHost back to port 80, everything runs correctly and it
connects to the db. I’ve looked into the logs for the app and notice
that even though I connect using https:// the app logs show http:. I
know SSL is working correctly in Apache because I can put up a plain
jane webiste using SSL and it comes up but when using this app
connecting to MySQL and https I get errors like “null could not be
retrieved:Send Failed” and “menuModule could not be retrieved:Send
Failed”. Looking at the MySQL logs, I can see that it tries to connect
using user@localhost on db which is all correct.

Things I have tried or looked through:

*confirmed connection to db using command line
*confirmed the database.yml file is correct because when on port 80
everything works fine
*checked the my.cnf to confirm no skip networking and tried to bind to
loopback address and local IP and still nothing. Again this only
happens with SSL.

  • Tried setting up apache using both <virtualhost *:443> and
    and still same issue.

*One issue I have experienced is that sometimes apache serves up a page
but the data comes from a different database. I’ve checked and double
checked my VHost files to confirm everything is correct so I don’t know
if this is a RoR issue or Apache issue or MySQL issue. Any help is
appreciated.

<virtualhost *:443>
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/domain.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/domain.key

ServerAdmin admin@localhost
ServerName test.domain.com
DocumentRoot /home/sysadmin/projects/App/public
<directory /home/sysadmin/projects/App/public>
Options FollowSymLinks
AllowOverride None
RAILSENV production

ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<directory “/usr/lib/cgi-bin”>
AllowOverride None
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all

ErrorLog /var/log/apache2/error.log

Possible values include: debug, info, notice, warn, error, crit,

alert, emerg.

LogLevel warn

CustomLog /var/log/apache2/access.log combined
ServerSignature On

Alias /doc/ “/usr/share/doc/”
<directory “/usr/share/doc/”>
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128

2

On Feb 1, 10:23pm, “Anthony M.” [email protected] wrote:

environment set to production either through the environment.rb or some
other method. I do have the RAILSENV production set in the VHost but it
seems as if that conflicts with the output of ruby script/console. If I
run export RAILS_ENV=production before running ruby script/console it
comes back in production mode up until I log of the shell and come back
in. Is there a way to permanently set the environment to production
without having to do RAILS_ENV=production everytime I need to do a rake
task?

RailsEnv in the Vhost only affects what passenger does (I assume you
are using passenger). You should be able to add something to
your .profile (or .bash_profile etc. depending on your shell) that
sets RAILS_ENV.

Seconde Question: For all of our development, we have been running the
app via port 80 and all has worked fine. Now I need to implement SSL so
I got a certificate from a CA and installed it without any problems.
However when I bring up the application in a browser, the application
doesn’t seem like it connects to MySQL.

Is it definitely serving content from your app and not from some other
vhost?

Fred
The page loads and I see the

3

Forgot to mention that I am running passenger.

Apache does serve up the correct page, however when using 443 it doesn’t
connect to the db but when using port 80 it works fine.

4

Hi There,

Just wondered if anyone has experience of using RubyMine and any
thoughts on it one way or the other? I use IntelliJ for larger
Groovy/Grails projects and find the IDE support useful.

For smaller Groovy/Grails projects and for all of my Ruby and Rails I
find TextMate and a few terminal windows to be perfect. However, I’d be
interested to hear if anyone has found the extra heft of an IDE to be
worth it and if so, what specific benefits they found when compared to
TextMate or something similar.

Any input appreciated.

Best Wishes,
Peter

5

On Tue, Feb 1, 2011 at 2:42 PM, Anthony M. [email protected] wrote:

Apache does serve up the correct page, however when using 443 it doesn’t
connect to the db but when using port 80 it works fine.

That makes pretty much zero sense :slight_smile:

Can we see all of the log entries (httpd access/error, Passenger, Rails)
for one of the SSL-based access attempts? And possibly the same for
a non-SSL access that works?


Hassan S. ------------------------ [email protected]
twitter: @hassan

6

I just switched from NetBeans and I like it so far. I’m still
discovering cool shortcuts all over the place. The debugging is easy
and intuitive, the code completion seems a little better than
NetBeans, the favorite file view is great, since there are so many
files in Rails that I never want to change or look at, it is nice to
not have to weed through them all the time, the integration with SVN
is completely painless.

I have run into a few bugs here and there, but they are little visual
quirks and haven’t slowed me down.

(Once in a while the debugger has crashed, but the message it gives
makes me think it is a ruby problem with 1.9.2-p136, not an IDE
problem.)

7

Hassan S. wrote in post #979000:

On Tue, Feb 1, 2011 at 2:42 PM, Anthony M. [email protected] wrote:

Apache does serve up the correct page, however when using 443 it doesn’t
connect to the db but when using port 80 it works fine.

That makes pretty much zero sense :slight_smile:

Can we see all of the log entries (httpd access/error, Passenger, Rails)
for one of the SSL-based access attempts? And possibly the same for
a non-SSL access that works?


Hassan S. ------------------------ [email protected]
twitter: @hassan

Port: 80

I changed the port in the VHost to 80 and commented out the SSL stuff
and restarted apache.

Apache Error Log -
[Wed Feb 02 10:48:32 2011] [notice] caught SIGTERM, shutting down
[Wed Feb 02 10:48:34 2011] [notice] Apache/2.2.11 (Ubuntu)
mod_ssl/2.2.11 OpenSSL/0.9.8g Phusion_Passenger/3.0.2 configured –
resuming normal operations

Apache Access Log -
10.10.20.108 - - [02/Feb/2011:10:56:45 -0500] “GET / HTTP/1.1” 200 1711
“-” “Mozilla/5.0 (Windows NT 5.1; rv:2.0b8) Gecko/20100101
Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:10:56:45 -0500] “GET /AC_OETags.js
HTTP/1.1” 304 - “http://testabl.cyncsoftware.com/” “Mozilla/5.0 (Windows
NT 5.1; rv:2.0b8) Gecko/20100101 Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:10:56:47 -0500] “POST /rubyamf/gateway
HTTP/1.1” 200 311 “http://testabl.cyncsoftware.com/sikkim.swf
“Mozilla/5.0 (Windows NT 5.1; rv:2.0b8) Gecko/20100101 Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:10:56:47 -0500] “POST /rubyamf/gateway
HTTP/1.1” 200 311 “http://testabl.cyncsoftware.com/sikkim.swf
“Mozilla/5.0 (Windows NT 5.1; rv:2.0b8) Gecko/20100101 Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:10:56:47 -0500] “POST /rubyamf/gateway
HTTP/1.1” 200 619 “http://testabl.cyncsoftware.com/sikkim.swf
“Mozilla/5.0 (Windows NT 5.1; rv:2.0b8) Gecko/20100101 Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:10:56:47 -0500] “POST /rubyamf/gateway
HTTP/1.1” 200 4977 “http://testabl.cyncsoftware.com/sikkim.swf
“Mozilla/5.0 (Windows NT 5.1; rv:2.0b8) Gecko/20100101 Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:10:56:52 -0500] “POST /rubyamf/gateway
HTTP/1.1” 200 311 “http://testabl.cyncsoftware.com/sikkim.swf
“Mozilla/5.0 (Windows NT 5.1; rv:2.0b8) Gecko/20100101 Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:10:56:52 -0500] “POST /rubyamf/gateway
HTTP/1.1” 200 528 “http://testabl.cyncsoftware.com/sikkim.swf
“Mozilla/5.0 (Windows NT 5.1; rv:2.0b8) Gecko/20100101 Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:10:56:53 -0500] “POST /rubyamf/gateway
HTTP/1.1” 200 311 “http://testabl.cyncsoftware.com/sikkim.swf
“Mozilla/5.0 (Windows NT 5.1; rv:2.0b8) Gecko/20100101 Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:10:56:53 -0500] “POST /rubyamf/gateway
HTTP/1.1” 200 3202 “http://testabl.cyncsoftware.com/sikkim.swf
“Mozilla/5.0 (Windows NT 5.1; rv:2.0b8) Gecko/20100101 Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:10:56:53 -0500] “POST /rubyamf/gateway
HTTP/1.1” 200 4977 “http://testabl.cyncsoftware.com/sikkim.swf
“Mozilla/5.0 (Windows NT 5.1; rv:2.0b8) Gecko/20100101 Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:10:56:53 -0500] “POST /rubyamf/gateway
HTTP/1.1” 200 4360 “http://testabl.cyncsoftware.com/sikkim.swf
“Mozilla/5.0 (Windows NT 5.1; rv:2.0b8) Gecko/20100101 Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:10:56:54 -0500] “POST /rubyamf/gateway
HTTP/1.1” 200 4360 “http://testabl.cyncsoftware.com/sikkim.swf
“Mozilla/5.0 (Windows NT 5.1; rv:2.0b8) Gecko/20100101 Firefox/4.0b8”

Rails Log -

Processing RubyamfController#gateway (for 10.10.20.108 at 2011-02-02
11:00:34) [POST]
Sending data
Completed in 4ms (View: 1, DB: 0) | 200 OK
[http://testabl.cyncsoftware.com/rubyamf/gateway]

Processing RubyamfController#gateway (for 10.10.20.108 at 2011-02-02
11:00:34) [POST]
Sending data
Completed in 5ms (View: 1, DB: 0) | 200 OK
[http://testabl.cyncsoftware.com/rubyamf/gateway]

Processing RubyamfController#gateway (for 10.10.20.108 at 2011-02-02
11:00:34) [POST]

Processing LovsController#amf_multi_lov (for 10.10.20.108 at 2011-02-02
11:00:34) [POST]
Parameters: {0=>{“user_locale”=>{“is_model”=>false,
“name”=>“userLocaleLov”, “model”=>“user”, “method”=>“lov_locale”,
“query_keys”=>[]}, “user_skin”=>{“is_model”=>false,
“name”=>“userSkinLov”, “model”=>“user”, “method”=>“lov_skin”,
“query_keys”=>[]}}, “user_locale”=>{“is_model”=>false,
“name”=>“userLocaleLov”, “model”=>“user”, “method”=>“lov_locale”,
“query_keys”=>[]}, “user_skin”=>{“is_model”=>false,
“name”=>“userSkinLov”, “model”=>“user”, “method”=>“lov_skin”,
“query_keys”=>[]}}
Completed in 7ms (DB: 0) | 200
[http://testabl.cyncsoftware.comlovs/amf_multi_lov]
Sending data
Completed in 20ms (View: 1, DB: 0) | 200 OK
[http://testabl.cyncsoftware.comlovs/amf_multi_lov]

Processing RubyamfController#gateway (for 10.10.20.108 at 2011-02-02
11:00:34) [POST]

Processing MenuModulesController#amftree (for 10.10.20.108 at 2011-02-02
11:00:34) [POST]
Parameters: {0=>{“id”=>-1}, “id”=>-1}
Completed in 150ms (DB: 1) | 200
[http://testabl.cyncsoftware.commenu_modules/amftree]
Sending data
Completed in 220ms (View: 1, DB: 0) | 200 OK
[http://testabl.cyncsoftware.commenu_modules/amftree]

Processing RubyamfController#gateway (for 10.10.20.108 at 2011-02-02
11:00:41) [POST]
Sending data
Completed in 5ms (View: 1, DB: 0) | 200 OK
[http://testabl.cyncsoftware.com/rubyamf/gateway]

Processing RubyamfController#gateway (for 10.10.20.108 at 2011-02-02
11:00:41) [POST]

Processing SessionsController#amfcreate (for 10.10.20.108 at 2011-02-02
11:00:41) [POST]
Parameters: {0=>{“lock_version”=>0, “id”=>0, “login”=>“system”,
“password”=>“SYSTEM123”}, “lock_version”=>0, “id”=>0, “login”=>“system”,
“password”=>“SYSTEM123”}
Completed in 6ms (DB: 0) | 200
[http://testabl.cyncsoftware.comsessions/amfcreate]
Sending data
Completed in 16ms (View: 1, DB: 0) | 200 OK
[http://testabl.cyncsoftware.comsessions/amfcreate]

Processing RubyamfController#gateway (for 10.10.20.108 at 2011-02-02
11:00:41) [POST]
Sending data
Completed in 5ms (View: 1, DB: 0) | 200 OK
[http://testabl.cyncsoftware.com/rubyamf/gateway]

Processing RubyamfController#gateway (for 10.10.20.108 at 2011-02-02
11:00:41) [POST]

Processing LovsController#amf_multi_lov (for 10.10.20.108 at 2011-02-02
11:00:41) [POST]
Parameters: {0=>{“manager_lov”=>{“is_model”=>true,
“name”=>“manager_lov”, “model”=>“manager”, “query_keys”=>[]},
“client_val”=>{“is_model”=>false, “model”=>“client”, “method”=>“val”,
“query_keys”=>[]}}, “manager_lov”=>{“is_model”=>true,
“name”=>“manager_lov”, “model”=>“manager”, “query_keys”=>[]},
“client_val”=>{“is_model”=>false, “model”=>“client”, “method”=>“val”,
“query_keys”=>[]}}
Completed in 13ms (DB: 0) | 200
[http://testabl.cyncsoftware.comlovs/amf_multi_lov]
Sending data
Completed in 41ms (View: 1, DB: 0) | 200 OK
[http://testabl.cyncsoftware.comlovs/amf_multi_lov]

Processing RubyamfController#gateway (for 10.10.20.108 at 2011-02-02
11:00:41) [POST]

Processing MenuModulesController#amftree (for 10.10.20.108 at 2011-02-02
11:00:41) [POST]
Parameters: {0=>{“id”=>-1}, “id”=>-1}
Completed in 40ms (DB: 5) | 200
[http://testabl.cyncsoftware.commenu_modules/amftree]
Sending data
Completed in 110ms (View: 1, DB: 0) | 200 OK
[http://testabl.cyncsoftware.commenu_modules/amftree]

Processing RubyamfController#gateway (for 10.10.20.108 at 2011-02-02
11:00:41) [POST]

Processing ClientsController#index (for 10.10.20.108 at 2011-02-02
11:00:41) [POST]
Parameters: {0=>nil}
Completed in 40ms (DB: 4) | 200
[http://testabl.cyncsoftware.comclients/index]
Sending data
Completed in 483ms (View: 0, DB: 45) | 200 OK
[http://testabl.cyncsoftware.comclients/index]

Processing RubyamfController#gateway (for 10.10.20.108 at 2011-02-02
11:00:42) [POST]

Processing ClientsController#index (for 10.10.20.108 at 2011-02-02
11:00:42) [POST]
Parameters: {0=>nil}
Completed in 10ms (DB: 1) | 200
[http://testabl.cyncsoftware.comclients/index]
Sending data
Completed in 268ms (View: 0, DB: 15) | 200 OK
[http://testabl.cyncsoftware.comclients/index]

##Now switching the port to 443 in the VHost and uncommenting out the
SSL info. I cleared out the logs before doing this so all the
information in the logs is after the port was changed.

Apache Error Log -

[Wed Feb 02 11:04:36 2011] [notice] caught SIGTERM, shutting down
[Wed Feb 02 11:04:41 2011] [notice] Apache/2.2.11 (Ubuntu)
mod_ssl/2.2.11 OpenSSL/0.9.8g Phusion_Passenger/3.0.2 configured –
resuming normal operations
[Wed Feb 02 11:06:02 2011] [error] [client 10.10.20.108] File does not
exist: /htdocs
[Wed Feb 02 11:06:02 2011] [error] [client 10.10.20.108] File does not
exist: /htdocs

Apache Access Log -

10.10.20.108 - - [02/Feb/2011:11:05:50 -0500] “GET / HTTP/1.1” 200 1711
“-” “Mozilla/5.0 (Windows NT 5.1; rv:2.0b8) Gecko/20100101
Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:11:05:50 -0500] “GET /AC_OETags.js
HTTP/1.1” 200 8349 “https://testabl.cyncsoftware.com/” “Mozilla/5.0
(Windows NT 5.1; rv:2.0b8) Gecko/20100101 Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:11:05:50 -0500] “GET /favicon.ico
HTTP/1.1” 200 1150 “-” “Mozilla/5.0 (Windows NT 5.1; rv:2.0b8)
Gecko/20100101 Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:11:05:50 -0500] “GET /sikkim.swf HTTP/1.1”
200 2330779 “https://testabl.cyncsoftware.com/” “Mozilla/5.0 (Windows NT
5.1; rv:2.0b8) Gecko/20100101 Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:11:06:01 -0500] “GET /images/cync_logo.png
HTTP/1.1” 200 11606 “-” “Mozilla/5.0 (Windows NT 5.1; rv:2.0b8)
Gecko/20100101 Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:11:06:01 -0500] “GET
/en_US_BaseResourceModule.swf HTTP/1.1” 200 42535 “-” “Mozilla/5.0
(Windows NT 5.1; rv:2.0b8) Gecko/20100101 Firefox/4.0b8”
10.10.20.108 - - [02/Feb/2011:11:06:01 -0500] “GET
/skins/sundae/sundaec.swf HTTP/1.1” 200 94745 “-” “Mozilla/5.0 (Windows
NT 5.1; rv:2.0b8) Gecko/20100101 Firefox/4.0b8”

Rails Log -

It seems as if nothing is being logged to the Rails log during these
errors. I cleared out the App/log/production.log (rake log:clear)
before switching the port to 443 in VHost are when I access the site it
doesn’t log anything to the production.log.

Thanks for the continued help.

8

I tried their free trial, but I just couldn’t get bast the initial
hump of “how do I do this?” and that the editor, even in Textmate
mode, is very un-like Textmate.

9

On Wed, Feb 2, 2011 at 8:20 AM, Anthony M. [email protected] wrote:

I changed the port in the VHost to 80 and commented out the SSL stuff
and restarted apache.

10.10.20.108 - - [02/Feb/2011:10:56:47 -0500] “POST /rubyamf/gateway
HTTP/1.1” 200 311 “http://testabl.cyncsoftware.com/sikkim.swf

Whoa! Is this a Flex app? I haven’t worked with Flex in forever, and
that
was with a Java back end. But looking at the above and then what’s
being logged in SSL mode, I’m guessing you have to configure the Flex
client to use port 443, because those POST /rubyamf/gateway requests
aren’t showing up.

##Now switching the port to 443 in the VHost and uncommenting out the
SSL info. I cleared out the logs before doing this so all the
information in the logs is after the port was changed.

Apache Error Log -

[Wed Feb 02 11:04:36 2011] [notice] caught SIGTERM, shutting down
[Wed Feb 02 11:04:41 2011] [notice] Apache/2.2.11 (Ubuntu)
mod_ssl/2.2.11 OpenSSL/0.9.8g Phusion_Passenger/3.0.2 configured –
resuming normal operations
[Wed Feb 02 11:06:02 2011] [error] [client 10.10.20.108] File does not
exist: /htdocs
[Wed Feb 02 11:06:02 2011] [error] [client 10.10.20.108] File does not
exist: /htdocs

That error would seem to indicate some configuration problem; in each
of your test cases, can you run apachectl -S to check?


Hassan S. ------------------------ [email protected]
twitter: @hassan

10

On Wed, Feb 2, 2011 at 11:26 AM, Anthony M. [email protected]
wrote:

This is where I would need some assistance on configuring the Flex
client. Any idea on where to start?

I’d guess there’s at least an Adobe forum for Flex dev, though surely
there’s also documentation /somewhere/ :slight_smile:

Sorry I can’t be of any more help, good luck!


Hassan S. ------------------------ [email protected]
twitter: @hassan

11

Hassan S. wrote in post #979196:

Whoa! Is this a Flex app? I haven’t worked with Flex in forever, and
that
was with a Java back end. But looking at the above and then what’s
being logged in SSL mode, I’m guessing you have to configure the Flex
client to use port 443, because those POST /rubyamf/gateway requests
aren’t showing up.

This is where I would need some assistance on configuring the Flex

client. Any idea on where to start?

That error would seem to indicate some configuration problem; in each
of your test cases, can you run apachectl -S to check?


Hassan S. ------------------------ [email protected]
twitter: @hassan

I actually did a apache2ctl -S and it came back

VirtualHost configuration:
wildcard NameVirtualHosts and default servers:
*:443 testabl.cyncsoftware.com
(/etc/apache2/sites-enabled/ablsecure:1)
Syntax OK