When developing Web apps using Django or Flask, it is common to develop and debug programs with built-in servers, which are then transferred to the production environment for deployment. The problem is that these built-in servers usually do not support HTTPS, we want to be able to use and test https at development time, do not want to deploy to the production environment without testing, so we need the built-in server to support HTTPS.
This problem can be solved by an external program stunnel, the role of Stunnel is to encrypt the TCP session through the OpenSSL Library, establish a secure channel to protect the program without encryption or unencrypted. Its main functions are two:
- Receive unencrypted data stream, SSL encryption, and then send the encrypted data stream over the network;
- Decrypts the encrypted data stream and sends the decrypted traffic to another program over the network.
After understanding the function of Stunnel we can easily think of using Stunnel to establish an SSL encrypted channel bound to the Django/flask built-in server, Stunnel start 443 port to accept the user's HTTPS request, decrypted and sent to the built-in server 8000 Port processing, the built-in server sends data after processing to Stunnel and then encrypts it back to the browser user.
Here is the implementation step:
The first step is to install Stunnel on the machine where the Django/flask development server resides:
# Yum Install Stunnel (on CentOS) $ sudo apt-get install Stunnel4 (on Ubuntu)
The second step, if you do not purchase an SSL certificate, you generate a file, the permissions must be 600:
# OpenSSL req-new365 -nodes- out Vpsee.pem- Vpsee.pem
Step three: Create a new configuration file called HTTPS, and then use Stunnel to execute this configuration file and start port 443 to connect to port 8000 of the Django/flask built-in server:
==7=4438000# stunnel HTTPS
Fourth Step:
- Start the Django built-in server bound to port 8000 mentioned above in the configuration file:
# https=10.0. 0.0:8000
- Start Flask built-in server does not need special, change the port to 8000, the normal way to start it
# vi run.py#!flask/bin/python from app import Appapp.run (host=' 0.0.0.0', port=8000, debug = True) #. /* Running on http://0.0.0.0:8000/ * Restarting with Reloader
Using HTTPS on the Django/flask development server