Nov 24
Listen 443Then, enable the needed apache modules:# a2enmod rewrite
# a2enmod proxy
# a2enmod proxy_http
# a2enmod proxy_balancer
# a2enmod ssl
# a2enmod headersThen, use this site configuration as sample:<virtualhost we.riseup.net:80="">
ServerName we.riseup.net
RedirectMatch (.*)$ https://we.riseup.net$1
</virtualhost><virtualhost we.riseup.net:443="">
SSLEngine on
SSLCertificateKeyFile /etc/certs/we.riseup.net/key.pem
SSLCertificateFile /etc/certs/we.riseup.net/cert.pem
RequestHeader set X_FORWARDED_PROTO 'https' ServerName we.riseup.net DocumentRoot /usr/apps/crabgrass/current/public
<directory "="" usr="" apps="" crabgrass="" current="" public"="">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</directory>
</virtualhost>The X_FORWARDED_PROTO is needed when using mongrel in order for rails to think that it is really serving https. This also works with Passenger.
Configuring SSL for Rails with Apache
I found the following notes here: https://we.riseup.net/debian/apache-mongrel-railsTo enable SSL, keep these notes handy:Enable 443 so we can do SSL:In /etc/apache2/ports.conf addListen 80Listen 443Then, enable the needed apache modules:# a2enmod rewrite
# a2enmod proxy
# a2enmod proxy_http
# a2enmod proxy_balancer
# a2enmod ssl
# a2enmod headersThen, use this site configuration as sample:<virtualhost we.riseup.net:80="">
ServerName we.riseup.net
RedirectMatch (.*)$ https://we.riseup.net$1
</virtualhost><virtualhost we.riseup.net:443="">
SSLEngine on
SSLCertificateKeyFile /etc/certs/we.riseup.net/key.pem
SSLCertificateFile /etc/certs/we.riseup.net/cert.pem
RequestHeader set X_FORWARDED_PROTO 'https' ServerName we.riseup.net DocumentRoot /usr/apps/crabgrass/current/public
<directory "="" usr="" apps="" crabgrass="" current="" public"="">
Options FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</directory>
</virtualhost>The X_FORWARDED_PROTO is needed when using mongrel in order for rails to think that it is really serving https. This also works with Passenger.
