Open in app

Sign in

Write

Sign in

Setting Up SSL on Localhost for Rails Development with Puma

A Step-by-Step Guide to Implementing HTTPS in Your Local Rails Environment

Stéphane Paquet
2 min readNov 23, 2023
Photo by Dan Schiumarini on Unsplash

Introduction

In today’s web development landscape, security is paramount. As developers, ensuring that our applications are secure, even in a development environment, is crucial. Implementing SSL (Secure Sockets Layer) on localhost not only enhances security but also brings the development environment closer to the production setup. This article provides a comprehensive guide on setting up SSL in a Rails development environment using Puma, the popular Ruby web server.

Step 1: Generating a Self-Signed SSL Certificate

Before diving into the Puma configuration, the first step is to generate a self-signed SSL certificate. This certificate will enable HTTPS on your local server. Here’s how you can do it on OS X:

Open your terminal and run the following command to generate a private key:

openssl genrsa -out localhost.key 2048

Next, create a Certificate Signing Request (CSR) using the key:

openssl req -new -key localhost.key -out localhost.csr -subj "/CN=localhost"

Finally, generate the self-signed certificate:

openssl x509 -req -days 365 -in localhost.csr -signkey localhost.key -out localhost.crt

For security, set appropriate file permissions:

chmod 600 localhost.key localhost.crt

Step 2: Configuring Puma to Use SSL in Development

With the certificate ready, the next step is to configure Puma to use it. This configuration is specific to the development environment.

First, locate your Rails application’s Puma configuration file, typically found at config/puma.rb.

Second, add the following lines to config/puma.rb, ensuring to replace path_to with the actual path to your ~/.ssh directory:

# config/puma.rb

if Rails.env.development?
  key_path = File.expand_path('~/.ssh/localhost.key')
  cert_path = File.expand_path('~/.ssh/localhost.crt')

  ssl_bind '127.0.0.1', '3001', {
    key: key_path,
    cert: cert_path,
    verify_mode: 'none'
  }
end

Restart Puma to apply the changes:

rails server (or) ./bin/dev

Conclusion

By following these steps, you’ve successfully set up SSL in your Rails development environment. This setup not only enhances security but also allows you to test SSL-specific features locally. Remember, a self-signed certificate will cause browsers to show a security warning. This is expected and acceptable for development purposes. For production environments, always use a certificate signed by a trusted certificate authority.

Rails
Puma
Ssl
OS X
Development

--

--

Stéphane Paquet
Stéphane Paquet

Written by Stéphane Paquet

59 Followers
97 Following

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams