Adding SSL support for Apache

You can tell the Brightbox gem to setup an SSL configuration for your application in Apache, by giving it the name of an installed SSL certificate.

The simplest way is to set the ssl_certificate variable, e.g:

set :ssl_certificate, "brightbox"

This will look for a certificate called brightbox.crt in the directory /etc/ssl/certs and a private key called brightbox.key in the directory /etc/ssl/private. These are the default locations for openssl certificates on Ubuntu.

You can be more specific:

set :ssl_certificate, "/etc/apache2/ssl/my_cert.pem"
set :ssl_key, "/etc/apache2/ssl/my_cert.key"

If the certificate you have bought requires an 'intermediate certificate' or certificate chain (GoDaddy requires this) then just combine these extra certificates with my_cert.pem into one file:

cat my_cert.pem intermediate.pem > my_cert_chain.pem

When you run, or rerun deploy:setup, the gem will detect that ssl_certificate is set and will create an Apache configuration called rails-default-ssl.

Only one application on a server can be SSL enabled due to the way Apache and browsers handles certificates.

(You need Apache >=2.2.8 with Server Name Indication enabled, and browsers that support it before you can have multiple SSL vhosts on a single IP Address).