Page Title

Body
h2. Getting a certificate The first step is to get your SSL certificate. There are tons of places you could get one from- Rapid SSL, Verisign, Go Daddy, just to name a few. Many places will even give you a free certificate to try before you buy. If you're using the application internally only or just don't care about warnings from the browser, you can even generate your own. Use the certificate provider's instructions for Apache 2. *NOTE*: when generating a key for a Certificate Signing, ensure you don't add a passphrase to the key. If prompted for one, press enter for a blank passphrase. h2. Copy the certificate to your server <pre> <code> scp *.crt deploy@yourdomain.railsmachina.com:~/ </code> </pre> h2. SSH to your Server <pre> <code> ssh deploy@yourdomain.railsmachina.com </code> </pre> h2. Install mod_ssl <pre> <code> sudo yum install mod_ssl </code> </pre> h2. Create needed directories <pre> <code> sudo mkdir -p /etc/httpd/conf/ssl.crt/ sudo mkdir -p /etc/httpd/conf/ssl.key/ </code> </pre> h2. Move the certificates and keys to the newly created directories <pre> <code> sudo mv *.crt /etc/httpd/conf/ssl.crt/ sudo mv *.key /etc/httpd/conf/ssl.key/ </code> </pre> h2. Backup your existing Apache VHost Config <pre> <code> sudo mv /etc/httpd/conf/apps/your_app.conf /etc/httpd/conf/apps/your_app.conf.orig </code> </pre> h2. Obtain our Apache vhost template <pre> <code> wget http://assets.railsmachine.com/wiki/ssl_vhost.conf sudo mv apache_ssl_vhost /etc/httpd/conf/apps/your_app.conf </code> </pre> h2. Customize the Apache VHost Template *NOTE*: This config template handles both SSL and non-SSL for the same Rails application. Note that this binds your IP address to this virtual host. If you have other applications on the server you will need to request an additional IP address. <pre> <code> sudo vim /etc/httpd/conf/apps/your_app.conf </code> </pre> * Substitute your IP address, domain name and application name where needed. * Make sure you have the correct number of balance members- one for each mongrel (2 by default). * Verify the paths to your server certificate and server private key are correct. * Ensure any customizations you may have made to @/etc/httpd/conf/apps/your_app.conf.orig@ are copied over to @/etc/httpd/conf/apps/your_app.conf@ * If your SSL certificate came with an 'Intermediate Certificate', move that file to @/etc/httpd/conf/ssl.crt/@ and add the following lines below the @SSLCertificateFile@ line: <pre> <code> # Intermediate Certificate SSLCACertificateFile /etc/httpd/conf/ssl.crt/DigiCertCA.crt </pre> </code> h2. Restart Apache <pre> <code> sudo /sbin/service httpd restart </code> </pre> If httpd fails to restart, please "submit a support request":https://support.railsmachine.com/index.php?pg=request with the error that you received, your domain name (yourdomain.railsmachina.com) and your @deploy@ user's password and we'll help you debug the error.

Make page private