Netflix-Skunkworks / Scumblr

Web framework that allows performing periodic syncs of data sources and performing analysis on the identified results
Apache License 2.0

Requesting assistance on enabling SSL with Scumblr #146

Closed espressobeanies closed 7 years ago

espressobeanies commented 7 years ago

Good afternoon,

I'm trying to enable SSL on Scumblr but I'm only seeing documentation on Sketchy SSL. Is there a way to do this in Scumblr 2.0? I can generate my certificates, but I'm not sure where they should be stored or referenced for Scumblr to pick up on them.

Thanks in advance,

ahoernecke commented 7 years ago

Hi @mars01,

It is definitely possible but depends completely on your setup. Generally when a Rails application is deployed for production use, it will be fronted by a web server like Apache or Nginx, largely to serve static files in a more performant manner. Internally we've used both Apache and Nginx to front Scumblr, and it's pretty straightforward to configure either to use SSL, and then you basically just tell it to upstream non-static asset requests to Scumblr via a Unix socket.

The one change you would need to make in Scumblr is to tell it to force SSL by adding/uncommenting the following line in the proper environment file:

```ruby
# scumblr/config/environments/production.rb
config.force_ssl = true
```

This will tell Scumblr to redirect to HTTPS (if a request comes in over HTTP) as well as enable HSTS and the secure flag on session cookies.

Without fully understanding your setup I probably can't give you exact instructions, but if you provide some details on how you're planning to deploy I can try to point you in the right direction as far as web server config.
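
An added example, not part of the original thread or the Scumblr project: a minimal Nginx site that terminates TLS and passes non-static requests to Scumblr over a Unix socket, as the reply above describes. The hostname, certificate paths, application root and socket path are placeholder assumptions.

```nginx
# Added illustration; every path and name below is a placeholder.
upstream scumblr_app {
    # Unix socket the Rails app server listens on (assumed location)
    server unix:/path/to/scumblr/tmp/sockets/scumblr.sock fail_timeout=0;
}

server {
    listen 80;
    server_name scumblr.example.com;
    # Plain HTTP is only ever redirected; config.force_ssl does the
    # same at the application layer as a second line of defence.
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name scumblr.example.com;

    # The certificate and key live with the web server, not with Scumblr.
    # Keep the key readable only by the account that starts nginx.
    ssl_certificate     /etc/nginx/tls/scumblr.example.com.crt;
    ssl_certificate_key /etc/nginx/tls/scumblr.example.com.key;
    ssl_protocols       TLSv1.2 TLSv1.3;

    # Static assets are served directly from the Rails public directory
    root /path/to/scumblr/public;

    location / {
        try_files $uri @scumblr;
    }

    location @scumblr {
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        # Rails reads this header to decide whether the request was HTTPS.
        # Without it, force_ssl sees plain HTTP and redirects in a loop.
        proxy_set_header X-Forwarded-Proto https;
        proxy_redirect off;
        proxy_pass http://scumblr_app;
    }
}
```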

ahoernecke commented 7 years ago

Hey @mars01, I'm going to go ahead and close this. Please feel free to jump into our Gitter channel if you'd like to discuss further: https://gitter.im/Netflix/Scumblr