Last active
December 12, 2018 12:31
-
-
Save pydanny/50c6ef333cbdc8c1a0cc5cedd176bc04 to your computer and use it in GitHub Desktop.
running local unverified SSL on Django and Flask (don't do this in production!!!)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from .common import * # noqa | |
| DEBUG = True | |
| INSTALLED_APPS += ('django_extensions',) | |
| # Snip all the other stuff |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """Old-Skool Flask setup. Yes, I loathe the 'FLASK RUN' pattern as it feels like a | |
| needless abstraction. | |
| """ | |
| from flask import Flask | |
| app = Flask(__name__) | |
| app.secret_key = "This is my secret key." | |
| if __name__ == "__main__": | |
| # This only runs locally when run as "python main.py" | |
| os.environ['DEBUG'] = "1" | |
| # This runs Flask locally with a self-signed SSL certificate. | |
| app.run(debug=True, ssl_context='adhoc') |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Django local unverified SSL requirements | |
| Django (at least Django 1.11) | |
| django-extensions | |
| # You may not need all the below security requirements: | |
| cryptography | |
| certifi | |
| pycparser | |
| asn1crypto | |
| pyOpenSSL | |
| # Flask local unverified SSL requirements | |
| flask | |
| # The security requirement probably installs the same requirements | |
| # as what I use in Django. Haven't checked. Anyway, this works so I'm happy. | |
| requests[security] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # to run Django locally with unverified SSL cert | |
| (python36env) $ ./manage.py runserver_plus --cert /tmp/cert | |
| # to run Flask locall with adhoc SSL cert | |
| (python36env) $ python main.py |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is how we run our core Django service and Flask microservices locally. We do this because OAuthlib and other tools insist on SSL. This is unverified SSL, so it won't work in production. However, it gives us an easy out for running locally in SSL.
Note: We (me and @audreyr) figured this out by delving into documentation and some Stack Overflow. I can't remember where we found these techniques. So no attribution for this gist, just sharing of knowledge.
If we get our APIstar microservice launched (a big "if" there), then I'll post how we got SSL working there too.