Upgrade Your Rails Facebook App to SSL

by barce on September 13, 2011

On October 1st of this year, Facebook will be requiring that all apps on Facebook must support HTTPS (SSL).

I’ve provided a guide below which I’ve used for apps I’ve worked on that are Rails based.

This guide shows you how to change your Rails Facebook App into an app that supports SSL using Passenger and Apache2.

Step 1: Get an SSL cert or roll your own.

Dreamhost.com made it very easy to add an SSL cert for just $15.00 / year.

I tried out my app out using a locally signed certificate which seemed to work just fine:

openssl genrsa -des3 -out server.key 2048
openssl req -new -key server.key -out server.csr
cp server.key server.key.org
openssl rsa -in server.key.org -out server.key
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Step 2: Install and compile Apache 2

Get the latest version of Apache: http://httpd.apache.org/download.cgi.

Configure and compile Apache:
./configure –prefix=/usr/local/apache2 –enable-rewrite –enable-so –enable-ssl
make && make install

Step 3: Configure your Rails app

gem install passenger
passenger-install-apache2-module

Step 4: Edit your Apache 2 config files:

Edit httpd.conf. For example:

LoadModule fcgid_module modules/mod_fcgid.so
LoadModule passenger_module /Users/jimbarcelona/.rvm/gems/ruby-1.9.2-p290/gems/passenger-3.0.8/ext/apache2/mod_passenger.so
PassengerRoot /Users/jimbarcelona/.rvm/gems/ruby-1.9.2-p290/gems/passenger-3.0.8
PassengerRuby /Users/jimbarcelona/.rvm/wrappers/ruby-1.9.2-p290/ruby


    Options Indexes FollowSymLinks
    AllowOverride All
    Order allow,deny
    Allow from all


Include conf/extra/httpd-vhosts.conf
Include conf/extra/httpd-ssl.conf


IPCCommTimeout 40
IPCConnectTimeout 10

# TODO: change this to production if you are on production
DefaultInitEnv RAILS_ENV development
SocketPath /tmp/fcgidsock

Edit extra/httpd-vhosts.conf:


  ServerName berkeley.l33tcave.com
  ServerAdmin wwwadmin@berkeley.l33tcave.com
  DocumentRoot /Users/jimbarcelona/rails_apps/github/hipsterhookups.com/public
  ErrorLog /usr/local/apache2/logs/rails_error_log
  RewriteEngine On
  
    AllowOverride All
    Options -MultiViews
  
  RailsEnv development

Edit extra/httpd-ssl.conf:

#   General setup for the virtual host
DocumentRoot "/Users/jimbarcelona/rails_apps/github/hipsterhookups.com/public"
ServerName berkeley.l33tcave.com:443
ServerAdmin you@example.com
ErrorLog "/usr/local/apache2/logs/error_log"
TransferLog "/usr/local/apache2/logs/access_log"

# needed for rails
Options Indexes ExecCGI FollowSymLinks
RewriteEngine On
RailsEnv development


AddHandler fcgid-script .fcgi

  
    AllowOverride All
    Options -MultiViews
  

Be sure to add your SSL certs in the httpd-ssl.conf too!

Step 5: Start Apache

# check syntax
apachectl configtest
# start apache
apachectl start

Step 6: Go to facebook and use https for canvas URLs

Leave a Comment

Previous post:

Next post: