Welcome to the Treehouse Community

The Treehouse Community is a meeting place for developers, designers, and programmers of all backgrounds and skill levels to get support. Collaborate here on code errors or bugs that you need feedback on, or asking for an extra set of eyes on your latest project. Join thousands of Treehouse students and alumni in the community today. (Note: Only Treehouse students can comment or ask questions, but non-students are welcome to browse our conversations.)

Looking to learn something new?

Treehouse offers a seven day free trial for new students. Get access to thousands of hours of content and a supportive community. Start your free trial today.

Ruby

Jin He
Jin He
8,123 Points

About the usage of force_ssl in Rails

Hello, suppose I have set force_ssl in my index action, after that how should I view this index page on the browser ?

2 Answers

Brandon Barrette
Brandon Barrette
20,485 Points

So in order to use SSL, you can't use the Webrick server that comes standard with rails. I followed Ryan Bate's Railscast episode on getting SSL to work locally. You can find it here:

http://railscasts.com/episodes/357-adding-ssl

It requires a PRO account, but I highly recommend the $9, I've learned so much from his videos.

Basically, you install another server that can handle SSL, then you create an openSSL certificate in your terminal, and set up some config files and you're good to go. Your browser will give you a warning "This site is not secure, are you sure you want to continue?", and since you are doing this in development mode, that doesn't matter.

If you want to do this in production mode, you will have to pay to have your certificate signed by a third party as authentic in order for that warning to go away. (Those are the locks you see in the address field that show it's authentic)

Hope that helps! Happy coding! =)

Chris Shaw
Chris Shaw
26,662 Points

Hi Jin,

Most people say just to do it in the application.rb config file but I found an article that offers a nicer solution which is on a per-page basis instead of site wide.

http://robert-reiz.com/2012/07/09/ssl-in-ruby-on-rails/