我有一个简单的Rails 3.1。rc6应用程序,我用它来测试我的测试服务器(OS X 10.7服务器)上的SSL配置。我使用的是Phusion Passenger和Apache。
我可以运行应用程序没有问题时,不使用SSL。当我启用SSL时,无论是通过Apache还是通过我的environments/production.rb文件中的config.force_ssl = true,页面加载没有错误,但它大多是空的,它不是我的网站。它似乎试图从一个空目录中提供文件。
我检查了配置SSL的Edge Rails文档,它只提到添加config.force_ssl = true选项,说这将自动参与Rack::SSL中间件。
Index of /
Name Last modified Size Description
Apache/2.2.19 (Unix) mod_ssl/2.2.19 OpenSSL/0.9.8r DAV/2 Phusion_Passenger/3.0.8 Server at mysite.mydomain.com Port 443
如果我删除rails应用程序中的ssl配置行并使用服务器工具强制站点使用ssl(选择自签名证书进行测试),则会发生完全相同的事情。我需要做些什么来使它服务于... myapp/current/public文件夹,就像我有config.force_ssl = false时一样?
编辑:多一点信息。我在/var/log/apache2/error_log中看到以下内容:
[Fri Aug 26 10:57:49 2011] [notice] caught SIGTERM, shutting down
[Fri Aug 26 10:57:50 2011] [warn] RSA server certificate CommonName (CN) `My-Mac-mini.local' does NOT match server name!?
...
[Fri Aug 26 10:57:50 2011] [warn] Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
httpd: Could not reliably determine the server's fully qualified domain name, using myserver.local for ServerName
[Fri Aug 26 10:57:50 2011] [warn] _default_ VirtualHost overlap on port 443, the first has precedence
[Fri Aug 26 10:57:50 2011] [warn] _default_ VirtualHost overlap on port 443, the first has precedence
[Fri Aug 26 10:57:50 2011] [warn] RSA server certificate CommonName (CN) `My-Mac-mini.local' does NOT match server name!?
...
[Fri Aug 26 10:57:50 2011] [warn] Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366)
[Fri Aug 26 10:57:50 2011] [notice] Apache/2.2.19 (Unix) mod_ssl/2.2.19 OpenSSL/0.9.8r DAV/2 Phusion_Passenger/3.0.8 configured -- resuming normal operations
cache: [GET /] miss
这看起来像是Lion服务器的配置错误。最后,通过在NameVirtualHost *:80行之后添加NameVirtualHost *:443行,在文件/etc/apache2/extra/httpd-vhosts.conf中修复了它。我认为,如果服务器托管多个SSL站点,那么它会自行执行此操作,但事实并非如此。