I’m working on some federated authentication (single sign-on) for 3rd-party applications and thought to use Ruby on Rails as a simple way to demo and develop the principles.
This is Rails, so it’s not entirely straightforward(*) but manageable on a Linux host.
In development mode, the default Webrick server does not support SSL, but a decent alternative is thin (https://github.com/macournoyer/thin) which also requires eventmachine.
To use thin with SSL we need to generate a self-signed certificate,
$ openssl req -newkey rsa:2048 -nodes -keyout neopir.key -x509 -days 365 -out neopir.crt Generating a 2048 bit RSA private key .....................+++ ..........................................+++ writing new private key to 'neopir.key' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [XX]:GB State or Province Name (full name) :GB Locality Name (eg, city) [Default City]:London Organization Name (eg, company) [Default Company Ltd]: Organizational Unit Name (eg, section) :Technology Division Common Name (eg, your name or your server's hostname) :neopir.example.com Email Address :firstname.lastname@example.org
And then we start the application
$ bundle exec thin --ssl --ssl-key-file neopir.key --ssl-cert-file neopir.crt -p 3443 start Using rack adapter Thin web server (v1.6.3 codename Protein Powder) Maximum connections set to 1024 Listening on 0.0.0.0:3443, CTRL+C to stop
* – It’s easy on Linux, but a nightmare on Windows, principally because eventmachine needs to be compiled with SSL support which requires OpenSSL which requires… I didn’t get it working and gave up trying.