By Tintin
Hello,
I am trying to get my Rails 4 working with SSL. I retrieved an SSL certificate from StartSSL.com and the installation on the server seems to have been successful.
However, I can’t get my app to work with https. It only works with http at this moment.
When I try to access it in the browser through https I am getting this error:
2014/06/04 18:05:56 [error] 23306#0: *3 “/home/rails/public/index.html” is forbidden (13: Permission denied), client: 23.251.149.69, server: myapp.com, request: “GET / HTTP/1.0”, host: “myapp.com”
This would be my NGINX configuration file in /etc/nginx/nginx.conf:
user www-data; worker_processes 4; pid /var/run/nginx.pid;
events { worker_connections 1024; }
http { sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; server_tokens off;
server_names_hash_bucket_size 64;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable "msie6";
gzip_types text/plain text/xml text/css text/comma-separated-values;
upstream app_server { server 127.0.0.1:8080 fail_timeout=0; }
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
server {
listen 80;
server_name myapp.com;
rewrite ^ https://$server_name$request_uri? permanent;
}
server {
listen 443;
server_name myapp.com;
root /home/rails/public;
ssl on;
ssl_certificate /etc/ssl/myapp.com.crt;
ssl_certificate_key /etc/ssl/myapp.com.key;
}
}
What am I missing here and how can this be fixed?
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hi Timo, <br> <br>How are you running the app? Are you using Unicorn, Passenger, or something similar? You have an upstream set but no proxy_pass. You probably need to adjust the server block listening on 443 to act as a reverse proxy for what ever is acting as an upstream server. Something like: <br> <br><pre> <br>server { <br> listen 443; <br> server_name myapp.com; <br> root /home/rails/public; <br> index index.htm index.html; <br> <br> ssl on; <br> ssl_certificate /etc/ssl/myapp.com.crt; <br> ssl_certificate_key /etc/ssl/myapp.com.key; <br> <br> location / { <br> try_files $uri/index.html $uri.html $uri @app; <br> } <br> <br> location @app { <br> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; <br> proxy_set_header Host $http_host; <br> proxy_redirect off; <br> proxy_pass http://app_server; <br> } <br>} <br></pre>
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.