I am building a Rails app that requires some portions of the site to use HTTPS, so naturally I'm using the SSL requirement plugin. The plugin works great, but if you're using Mongrel or WEBrick running out of script/server in your development environment, you now won't be able to talk to those parts of your site (since these servers do not include SSL encryption).
The solution is pretty easy, but it's not something I found written up elsewhere, so I thought I'd document it here. All you have to do is install your own local Apache server and have it proxy requests to the Mongrel or WEBrick instance, similar to how you would set up your production environment. For simplicity I didn't use a cluster of mongrels, or mod_balance, or anything like that, just a straight-through proxy. See "A Simple Single Mongrel Configuration" on the Mongrel site for details.
But there's a bit more you need to do in order to make things work with Rails and the SSL requirement plugin. Below is a subset of my httpd.conf file; for clarity, I cut out all the default settings and just left what I added or changed.
What you're doing is setting up two different proxies through Apache to your Mongrel server; one via port 80, unencrypted, and one via port 443, encrypted with SSL. If you don't include the X_FORWARDED_PROTO line in your 443 virtual host, Rails won't know that it's using SSL and the SSL requirement filter will fail.
The two SSLcertificate directives refer to the cryptographic data needed to encrypt the traffic. I just made some self-signed certificates (which are free). There are a million tutorials out there; I used the one on Apple's site. You'll need to pick a passphrase to protect your private key. Pick something short (since this isn't the production site) because you'll need to enter it every time you want to reboot your server.
Start things up and you're ready to go!
wymanpark~ $ sudo httpd -k start Apache/2.2.6 mod_ssl/2.2.6 (Pass Phrase Dialog) Some of your private key files are encrypted for security reasons. In order to read them you have to provide the pass phrases. Server localhost:443 (RSA) Enter pass phrase: OK: Pass Phrase Dialog successful. wymanpark~ $