Ruby on rails: force_ssl not redirecting from http to https when using thin start --ssl

问题

I have been trying to configure my rails project to use SSL (as application wide) with thin (by adding thin gem and placing config.force_ssl = true to application.rb) but as a result, I have an annoying problem.

When I start my rails server using rails s and try to access http://localhost:3000 it redirects to https://localhost:3000 which is correct, however it will complain about missing SSL certification..

SSL connection error

Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have.

On the other hand, If I start my application using thin start --ssl and try to access http://localhost:3000 it doesn't redirect to https://localhost:3000 and complains about this:

No data received

Unable to load the webpage because the server sent no data.

but by accessing https://localhost:3000 it just shows certificate warning but it all works after agreeing to continue.

So my question is, How can I make http to https redirection work when using SSL with thin in (development mode)?

Perfect answer would contain possibility to start server normally by using rails s while SSL would be enabled application wide and accessing http redirects to https and all works! :)

Thanks in advance, have been searching for hours but cant find an answer.

回答1:

You should install your own openssl signed certificate. You can find more information on this page

回答2:

Your PC as (localhost) can self sign SSL certificate and your browser can accept it, but i think that browser will not automatically accept certificate with security on that layer. Maybe to try to add your localhost certificate to the browser ?