Fwd: No SSL!? NO EXCUSES!!!
16 views
Skip to first unread message
AJ ONeal (Home)
Jan 31, 2015, 2:02:48 PM1/31/15
to Utah Ruby User Group
Hey guys,
Is anyone willing to make a bare bones github repo that demonstrates how to start an https server with dummy ssl certs?
Mozilla's LetsEncrypt.org inspired me to get up a zero-config in node.js, and I'd like to be able to link to a ruby example as well.
If that sounds interesting to you, but you're not sure how to create certs and such, I've got dummy certs already in the node repo [0], and I've created a screencast here:
I'm also looking for python, go, and other examples.
Thanks if you can help... and remember to encrypt! :-)
AJ ONeal
---------- Forwarded message ----------
From: AJ ONeal (Home) <cool...@gmail.com>
Date: Wed, Jan 28, 2015 at 12:36 AM
Subject: No SSL!? NO EXCUSES!!!
To: UtahJS <uta...@googlegroups.com>
From: AJ ONeal (Home) <cool...@gmail.com>
Date: Wed, Jan 28, 2015 at 12:36 AM
Subject: No SSL!? NO EXCUSES!!!
To: UtahJS <uta...@googlegroups.com>
For anyone who hasn't been using SSL because it seems too expensive or complicated:
I just make a 15 min screencast that steps through the process of creating a key, CSR, and handing over my $10 to name.com/RapidSSL for SSL cert that will only ever be used in development:
There's a repository that is zero-config - clone and run - and I show you the 3 lines of modifications that need to be made to replace the dummy certs with your very own.
I hope this tips the scale for a few of you to encrypt.
:-D
Also, there was an amazing video (a talk of some kind) that was more pushing the point "this isn't the 80s, encryption isn't slow", but it mentioned very practical benefits of SSL that I hadn't thought of before - like how an HTTPS site can't be hijacked by those annoying wifi hotspots that inject their ads into any plaintext html going across the network. If anyone saw it on twitter or a popular blog in the last few weeks or otherwise knows what I'm talking about, link it up!
AJ ONeal
Jeff Moss
Jan 31, 2015, 5:56:01 PM1/31/15
to ur...@googlegroups.com
With ruby if I wanted to set up SSL locally, I'd tell whatever webserver I'm using that I want it to load the certs and run on an SSL port.
Puma for example would need a config directive or a command line option:
People don't really use webrick for production stuff these days, but the ruby equivalent of what you've done is a webrick server with configuration for ssl, here is the example:
Also you can get a free public SSL cert from these guys:
If you've got your own CA that you issue certificates with, you can install the CA in the mac keychain and those security warnings about untrusted sites will stop showing, useful for development and private networks. That mozilla project looks great though, I'll definitely use it.
-Jeff
--
http://utruby.org
http://groups.google.com/group/urug
please prefix the subject with [JOB] when regarding job opportunities
---
You received this message because you are subscribed to the Google Groups "Utah Ruby Users Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to urug+uns...@googlegroups.com.
To post to this group, send email to ur...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages