Reputation: 1
I am trying to install an SSL certificate that I recently acquired from GoDaddy. My web application is on Rails 4.2.6 and I am using an Ubuntu Server 14.04. I am also using Phusion Passenger 5.0.28 and Nginx. I don’t know if it makes any difference, but I launched the instance using AWS’ EC2.
I created a combined file using the two .crt files sent by GoDaddy.
When I edit my application.rb file:
config.force_ssl = true
I receive the following error:
ERR_CONNECTION_TIMED_OUT
There are two files that I have tried editing, with no success so far:
nginx.conf. The server block currently looks like this:
    server {
        listen 443 ssl;
        server_name localhost;
        ssl_certificate /var/www/primeraraiz5/primeraraiz_combined.crt;
        ssl_certificate_key /var/www/primeraraiz5/primeraraiz.com.key;
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout 5m;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;
        location / {
            root html;
            index index.html index.htm;
        }
    }
    include /etc/nginx/sites-enabled/*;
rails.conf (in a sites-available directory, which is “symbolically linked” to the sites-enabled directory). The server block looks like this:
    server {
        listen 443 ssl;
        passenger_enabled on;
        passenger_app_env production;
        root /var/www/primeraraiz5/public;
        server_name 52.39.200.205 primeraraiz.com;
    }
    server {
        server_name www.primeraraiz.com;
        return 301 $scheme://primeraraiz.com$request_uri;
    }
I don’t know if I am doing something wrong in these files or if I should change any settings at AWS or with the company that currently hosts my domain.
Thanks a lot for your help!
Upvotes: 0
Views: 265
Reputation: 1464
There are a couple of things to do to your configuration.
The first is the server block containing the redirect. Since you haven't provided us with a server that's listening on port 80, I assume that you want to redirect all requests to http://www.primeraraiz.com to HTTPS. If so, replace $scheme with https so that your block looks as follows:
    server {
        server_name www.primeraraiz.com;
        return 301 https://primeraraiz.com$request_uri;
    }
Next, the SSL offloading needs to happen in the server block from which you're serving. In your case, you're offloading SSL for server name localhost, and not for primeraraiz.com which is what I assume you're trying to do. So copy the SSL parameters of your first server block to the one that has server name primeraraiz.com to end up with:
    server {
        listen 443 ssl;
        server_name 52.39.200.205 primeraraiz.com;
        ssl_certificate /var/www/primeraraiz5/primeraraiz_combined.crt;
        ssl_certificate_key /var/www/primeraraiz5/primeraraiz.com.key;
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout 5m;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;
        passenger_enabled on;
        passenger_app_env production;
        root /var/www/primeraraiz5/public;
    }
Upvotes: 1