I see the following error in Terminal when attempting to run a Ruby on Rails app.
HTTP parse error, malformed request (): #<Puma::HttpParserError: Invalid HTTP format, parsing fails.>
2017-03-12 13:10:02 -0400: ENV: {"rack.version"=>[1, 3], "rack.errors"=>#<IO:<STDERR>>, "rack.multithread"=>true, "rack.multiprocess"=>false, "rack.run_once"=>false, "SCRIPT_NAME"=>"", "QUERY_STRING"=>"", "SERVER_PROTOCOL"=>"HTTP/1.1", "SERVER_SOFTWARE"=>"puma 3.4.0 Owl Bowl Brawl", "GATEWAY_INTERFACE"=>"CGI/1.2"}
The browser error:
This site can’t provide a secure connection. localhost sent an invalid response. ERR_SSL_PROTOCOL_ERROR*
I have tried the following
Here are some possible solutions.
Make sure you are connecting through http://localhost:3000 and not https://localhost:3000.
If the browser redirects to HTTPS and it's Google Chrome, try this solution that addresses an HSTS problem: https://stackoverflow.com/a/28586593
Make sure you do not have the production environment (if that's what you're serving) forcing HTTPS. If that's the problem, comment this out or change true
to false
:
config/environments/production.rb
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
config.force_ssl = true
seems like you are trying to run HTTPS on your local. You need to have a TLS toolkit (like openSSL) installed on your local. OPENSSL for example.
after you made sure of that, and if still not working, maybe you can find you're answer in the next Github issue. Seems like a bug with Puma gem. GITHUB ISSUE TALK
For those reading this in the future, consider the following:
If you are ok with turning off SSL in your development environment you can do so by going to:
config/environments/development.rb
and configuring:
config.force_ssl = false
Here is some code that works for me, using puma, that invokes SSL certification (locally). I have created my certificates and have dumped it in the relevant location:
rails s -b 'ssl://localhost:3000?key=./.ssl/localhost.key&cert=./.ssl/localhost.crt'
When I want to run it in a production environment from my PC I using the following:
rails s -b 'ssl://localhost:3000?key=./.ssl/localhost.key&cert=./.ssl/localhost.crt' -e production
HTH
Access the app using a different browser, or if you are in Chrome access it in Incognito mode. After this the error did not show in any browser again. Remember to remove the config.force_ssl
or set it to false
in the development.rb
file first.
Encountered this today after adding and then removing the config.force_ssl = true
config in our Rails 6 app's development.rb
file. Tried to access the app in localhost, in a Chrome browser, and the same error showed. Restared rails server several times, to no avail.
The accessing it in different browser, where the force ssl version of the app client was never opened, worked.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With