0
試圖讓我的Rails應用程序使用SSL提交一些敏感的表單數據,並沒有太多的運氣。基本的問題是,一旦我提交表單(這是一個POST請求),它只會掛起一分鐘,然後說服務器沒有響應。我該如何獲得Rails,SSL和Apache來玩呢?
這裏就是我的工作:
的Apache 2.2.3 的Rails 2.3.8 RedHat Linux上(Rackspace公司服務器)
使用ssl_requirement插件如下:
的ApplicationController :
class ApplicationController < ActionController::Base
include SslRequirement
helper :all # include all helpers, all the time
protect_from_forgery # See ActionController::RequestForgeryProtection for details
# Scrub sensitive parameters from your log
filter_parameter_logging :password
end
控制器我想要使用SSL上的動作:
class RegistrationsController < ApplicationController
ssl_required :create
...
end
我的httpd.conf中包括這一行搶的ssl.conf:
Include conf.d/*.conf
我的SSL虛擬主機(在conf.d/ssl.conf中的文件)的外觀像這樣:
<VirtualHost XXX.XXX.XXX.XXX:443>
ServerName www.nameofmyapp.com
ServerAlias nameofmyapp.com
DocumentRoot /var/www/apps/myapp/current/public
RailsEnv production
RequestHeader set X_FORWARDED_PROTO 'https'
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/2012-nameofmyapp.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/2012-nameofmyapp.com.key
SSLCACertificateFile /etc/pki/tls/certs/SecureSite_Bundle.pem
</VirtualHost>
你的Apache日誌裏有什麼? – dangerousdave 2011-01-21 14:05:22