Home/ Questions/Q 8923565
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-15T07:09:32+00:00

Following the guidance here , updated for Rails 3.2.x, I expected to be able

  • 0

Following the guidance here, updated for Rails 3.2.x, I expected to be able to configure Rack::SSL to use the SSL filters only if an https:// prefix is included:

config.force_ssl = true
config.ssl_options = { :exclude => proc { |env| puts 'here? ' + env.to_s; env['HTTPS'] != 'on' } }

However, https works, where http fails with the following error:

[2012-10-29 15:37:03] ERROR OpenSSL::SSL::SSLError: SSL_accept returned=1 errno=0 state=SSLv2/v3 read client hello A: http request
    /Users/user/.rvm/rubies/ruby-1.9.3-p194/lib/ruby/1.9.1/openssl/ssl-internal.rb:164:in `accept'

The diagnostic code inserted into the lambda is not executed. How can I configure Rack:SSL in Rails 3.2.x to respond to both HTTP and HTTPS?

Rails 3.2.8, WEBrick configured for SSL using a self-signed cert.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The ability to use the exclude option in the options hash has been removed as of May 2012 for some reason: https://github.com/rails/rails/pull/5515

    The error I was seeing was a red herring. The exclude was being ignored and the http:// request was being redirected in ActionDispatch::SSL to https://. OpenSSL was then choking (I assume) because of the protocol mismatch.

    The solution is to use the rack-ssl gem, as suggested here. This is essentially identical to ActionDispatch::SSL, except that the exclude option is still respected.

    • 0