我正在尝试让 SLL 在 El Capitan 上使用 Rails 4.2.5 本地工作(不过我并不关心它是否薄),并且我尝试了几件事,最近是这个:https://gist.github.com/trcarden/3295935(也粘贴在下面)——但它不起作用。
# SSL self signed localhost for rails start to finish, no red warnings.
# 1) Create your private key (any password will do, we remove it below)
$ openssl genrsa -des3 -out server.orig.key 2048
# 2) Remove the password
$ openssl rsa -in server.orig.key -out server.key
# 3) Generate the csr (Certificate signing request) (Details are important!)
$ openssl req -new -key server.key -out server.csr
# IMPORTANT
# MUST have localhost.ssl as the common name to keep browsers happy
# (has to do with non internal domain names ... which sadly can be
# avoided with a domain name with a "." in the middle of it somewhere)
Country Name (2 letter code) [AU]:
...
Common Name: localhost.ssl
...
# 4) Generate self signed ssl certificate
$ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
# 5) Finally Add localhost.ssl to your hosts file
$ echo "127.0.0.1 localhost.ssl" | sudo tee -a /private/etc/hosts
# 6) Boot thin
$ thin start --ssl --ssl-verify --ssl-key-file server.key --ssl-cert-file server.crt
# 7) Add server.crt as trusted !!SYSTEM!! (not login) cert in the mac osx keychain
# Open keychain tool, drag .crt file to system, and trust everything.
# Notes:
# 1) Https traffic and http traffic can't be served from the same thin process. If you want
# both you need to start two instances on different ports.
#
#
然后我转到 https://localhost.ssl:3001,浏览器中的锁仍然带有红色 X。
有什么建议吗?
谢谢!
最佳答案
我确实让它发挥了作用。
我直接看到的第一个错误是您正在尝试连接到端口 3001,但您启动的服务器位于端口 3000。
其次,--ssl-verify
未被接受,因此我将其删除。
另外,不要忘记将创建的证书添加到钥匙串(keychain)并将其更改为受信任。
最后,您需要告诉 Rails 对 Assets 等使用 localhost.ssl 域名,因此请确保在 config/environments/development.rb
中包含此内容:
config.action_controller.asset_host = 'https://localhost.ssl:3000'
注意 https 上的 S。
关于ruby-on-rails - 在 OSX 上使用 Rails 在本地使用 SSL 进行开发,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/36580035/