How do you run Rails with HTTPs locally for testing?

Asked 22/12, 2011 at 20:15 Answered 27/1 at 11:52

Solved ruby-on-rails ruby-on-rails-3 webrick

Our dev envs use HTTP, prod uses HTTPS, this is causing issues that we can't reproduce locally with are HTTPS related.

How can I run rails with SSL locally for testing purposes? Is there a Webrick config?

Thanks

Siegler answered 22/12, 2011 at 20:15 Comment(1)

I would checkout #2119185 – Blackstock 22/12, 2011 at 20:55

you should to use thin to do it:

$ sudo apt-get install thin

And add this line in config/application.rb

config.force_ssl = true

Then run app on thin with command line:

$ thin start --ssl

Fanestil answered 6/5, 2013 at 9:21 Comment(2)

To install it on all platforms, you can use gem install thin. – Hydroid 18/2, 2023 at 16:23

Thin doesn't support Rack 3 used by the current Rails versions. I've added an example of running Puma with a self-signed certificate below. – Commentative 27/1 at 11:52

For the current Rails versions (using Rack 3 and Puma as the default web server), the easiest way I could find was to:

Create self-signed certificate:

openssl req -x509 -sha256 -nodes -newkey rsa:2048 -days 365 -keyout localhost.key -out localhost.crt
Start Puma:

puma -b 'ssl://0.0.0.0:9292?key=localhost.key&cert=localhost.crt&verify_mode=none'

Commentative answered 27/1 at 11:52 Comment(0)

I think the question here is specific to the Rails 'testing' environment, which might mean rspec, and if so, this gist by jaikoo was what worked for me:

https://gist.github.com/jaikoo/daf88024b8de1cf9339b

With respect to the 'development' environment, ultimately I used thin, which I didn't really want to, but the best write-up of that I saw was this post by Keyur Gohil:

https://blog.botreetechnologies.com/enable-ssl-in-developement-using-thin-2a4bd1af500d

Though I put it in a batch file and added -D -V and made sure it ran on a different port:

#!
#  Sets up the use of SSL in development
#
# https://www.devmynd.com/blog/rails-local-development-https-using-self-signed-ssl-certificate/
#
bundle exec thin -D -V start -a localhost -p 3001 --ssl --ssl-key-file ~/development/apps/localhost_ssl_tsl_keys/localhost.key --ssl-cert-file ~/development/apps/localhost_ssl_tsl_keys/localhost.crt

Yesseniayester answered 25/2, 2018 at 15:14 Comment(0)

-21

Ultimately, you should be running development without SSL, period. Unless something is wrong with your SSL Cert, you should not have errors that are independent of the different environments.

Staging is where you would test the SSL framework.

Prosecution answered 22/12, 2011 at 22:7 Comment(2)

And what if what you are testing actually depends on HTTPS? For example, my site has a different flow if you click "login" when you are on http or https. So it actually makes a lot of sense to want to run your app in HTTPS locally. – Publish 22/6, 2012 at 16:56

There absolutely valid reasons to try running SSL locally. The OPs use case is a perfect example. – Garwood 28/12, 2012 at 9:46

Recommended topics

Hot tags