Sinatra + Thin + SSL

sinatra+thin+ssl.rb

#!/usr/bin/env ruby
#
# This code snippet shows how to enable SSL in Sinatra+Thin.
#

require 'sinatra'
require 'thin'

class MyThinBackend < ::Thin::Backends::TcpServer
  def initialize(host, port, options)
    super(host, port)
    @ssl = true
    @ssl_options = options
  end
end

configure do
  set :environment, :production
  set :bind, '0.0.0.0'
  set :port, 443
  set :server, "thin"
  class << settings
    def server_settings
      {
        :backend          => MyThinBackend,
        :private_key_file => File.dirname(__FILE__) + "/server.key",
        :cert_chain_file  => File.dirname(__FILE__) + "/server.crt",
        :verify_peer      => false
      }
    end
  end
end

get '/' do
  "Hello, SSL."
end

Hi,

this was very helpful. I looked through a variety of posts on the topic and none worked properly. Would you mind if I use this code in a demo on certificate pinning that I'm building? Ideally you would add a MIT license or something.

Thanks,
Daniel

Oh, very sorry. I noticed your comment just now (26 Oct 2015). Use this code as you like for both non-commercial and commercial purposes.

More generic way is here:
https://gist.github.com/TakahikoKawasaki/40ef0ab011b0a467bedf#file-sinatra-ssl-rb

Works great! However, how can I have it send the Access-Control-Allow-Origin header? I'm new to all this ruby stuff, going to go back to googling in the meantime...

edit: got it to work something like this:

get '/blah' do
@BLAH = # code ...

code...

headers['Access-Control-Allow-Origin'] = '*'
return @blah.to_json
end

Aside from generating the key, csr, and certificate, is there anything else that needs to be configured (perhaps on the OS level) to get this to work? I can get the sinatra script to execute just fine..it says it's listening on 0.0.0.0:443 but Chrome is saying the site cannot be reached...

Anyone knows how to do the same thing with puma?

Thanks for this!

How should I configure this if I've got more than one subclasses of Sinatra::Base and using config.ru?