Rigel Group

They shoot Yaks, don't they?

Connecting to POW via SSL

If you are running your Rails apps under Pow (and really, why wouldn’t you?), and you need to connect via SSL, you may have googled around and found instructions on how to set up Nginx as an SSL proxy. While this is probably your best bet for heavy-duty usage, if you want something simpler and lighter-weight for occasional testing, check out stunnel. It will proxy SSL connections just like Nginx.

The magic incantations (for OSX at least) go something like this:

1
 brew install stunnel

Now, the default .pem file that stunnel created for me didn’t work, so let’s create our own:

1
 openssl req -new -x509 -days 9999 -nodes -out /usr/local/etc/stunnel/stunnel.pem -keyout /usr/local/etc/stunnel/stunnel.pem

Verify the .pem file with this command:

1
 openssl x509 -subject -dates -fingerprint -in /usr/local/etc/stunnel/stunnel.pem

If everything checks out, lets now create a config file for stunnel that will proxy https connections from port 443 on localhost to http connections to port 80 on localhost.

1
2
3
4
5
6
7
8
9
10
11
 tee /usr/local/etc/stunnel/stunnel.cnf <<ENDOFFILE
pid        = /tmp/stunnel.pid
setuid     = nobody
setgid     = nobody
foreground = yes
client     = no
[https]
cert = /usr/local/etc/stunnel/stunnel.pem
accept = 443
connect =  80
ENDOFFILE

Now all that is left to do is fire it up:

1
 sudo stunnel

Go here and you should see your pow server.