Last active
July 18, 2024 18:47
-
-
Save hvasconcelos/9911439 to your computer and use it in GitHub Desktop.
Create an Sinatra SSL Server
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Generate a self-signed Certificate and a Private Key | |
| openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout pkey.pem -out cert.crt |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'sinatra' | |
| require './sinatra_ssl' | |
| set :ssl_certificate, "cert.crt" | |
| set :ssl_key, "pkey.pem" | |
| set :port, 9494 | |
| get '/try' do | |
| "helloworld" | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'webrick/ssl' | |
| module Sinatra | |
| class Application | |
| def self.run! | |
| certificate_content = File.open(ssl_certificate).read | |
| key_content = File.open(ssl_key).read | |
| server_options = { | |
| :Host => bind, | |
| :Port => port, | |
| :SSLEnable => true, | |
| :SSLCertificate => OpenSSL::X509::Certificate.new(certificate_content), | |
| # 123456 is the Private Key Password | |
| :SSLPrivateKey => OpenSSL::PKey::RSA.new(key_content,"123456") | |
| } | |
| Rack::Handler::WEBrick.run self, server_options do |server| | |
| [:INT, :TERM].each { |sig| trap(sig) { server.stop } } | |
| server.threaded = settings.threaded if server.respond_to? :threaded= | |
| set :running, true | |
| end | |
| end | |
| end | |
| end |
Looks nice. Is it possible to do it this way with Puma also?
This helped me along really well, thanks! FTR, I had to add in require 'webrick/https' to sinatra_ssl.rb before I could get it working.
require 'webrick/https' in sinatra_sll.rb solves the following problems:
wget https://localhost:9494/try --output-document=-
--2018-03-29 12:41:37-- https://localhost:9494/try
Resolving localhost (localhost)... ::1, 127.0.0.1
Connecting to localhost (localhost)|::1|:9494... connected.
GnuTLS: An unexpected TLS packet was received.
Unable to establish SSL connection.
[2018-03-29 12:41:30] ERROR bad Request-Line `\x16\x03\x01\x00�\x01\x00\x00�\x03\x03Z��\x1D��������fⶂ���*�=P@=\x1A�LD�!�\x00\x00r�,��̩���'.
::1 - - [29/Mar/2018:12:41:30 CEST] "\x16\x03\x01\x00�\x01\x00\x00�\x03\x03Z��\x1D��������fⶂ���*�=P@=\x1A�LD�!�\x00\x00r�,��̩���" 400 335
I also tried:
openssl req -x509 -passout pass:"123456" -nodes -days 365 -newkey rsa:1024 -keyout pkey.pem -out cert.crt
having similar results.
Also:
wget --inet4-only https://127.0.0.1:9494/try --output-document=- ; echo
--2018-03-29 12:45:17-- https://127.0.0.1:9494/try
Connecting to 127.0.0.1:9494... connected.
GnuTLS: An unexpected TLS packet was received.
Unable to establish SSL connection.
Note still that:
wget http://127.0.0.1:9494/try --output-document=- -q ; echo
helloworld
openssl s_client -connect localhost:9494 -debug | grep Verifi
139755706946816:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:252:
Verification: OK
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is awesome and works great! Thank you!
For some reason I had to use
require 'webrick/https'to get this to work or else I got SSL_ERROR_RX_RECORD_TOO_LONG. I am using Ruby 2.3 with bundler.