Finally got SSL working for our app

1. Generate a self signed cert and attached to our instance on EY
2. Added the following to Gemfile

gem ‘rack-ssl-enforcer’, ‘0.2.2’

3. Added the following to config/application.rb

# :strict=>false ensures everything else is forced to http
# :force_secure_cookies => false ensures cookies can be shared between secure sign_in and http based other pages
config.middleware.use Rack::SslEnforcer, :only => [/sign_up/, /sign_in/, /\/credits/], :force_secure_cookies => false, :strict => true

 

Voila – app now uses SSL for the really important URLs