-3

I am running the python program with "app.run" specifying hostname and port. It is running on Http by default but I want to run on Https.

How can i do it?

mkrieger1
  • 19,194
  • 5
  • 54
  • 65
Anurag Tripathy
  • 3
  • 1
  • 4
  • 4
    What is "app.run"? Please show a [mre]. – mkrieger1 Jul 17 '21 at 12:29
  • Which web app framework are you using? The popular ones have sections on their tutorial on how to deploy them for production, where you can then have *true* HTTPS support. – Gino Mempin Jul 17 '21 at 12:46
  • If `app.run` is Flask, then see: [can you add HTTPS functionality to a python flask web server?](https://stackoverflow.com/q/29458548/2745495) – Gino Mempin Jul 17 '21 at 13:04
  • Hi Mempin, thanks for the details. Yes, app.run is Flask. Based on the link I tried both from "OpenSSL import SSL" and "import ssl context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)" but failing with message "AttributeError: module 'OpenSSL.SSL' has no attribute 'PROTOCOL_TLSv1_2'" or "SyntaxError: invalid syntax". – Anurag Tripathy Jul 17 '21 at 18:11
  • I am able to run the program in https with "ssl_context='adhoc'" command now. But when try to connect this program from another server/source get the response "HTTP Error 404. The requested resource is not found." or "This site can’t be reached", telnet between source and destination is working so no firewall issue. Able to connect to the program from source when run with default http protocol. – Anurag Tripathy Jul 17 '21 at 19:12

1 Answers1

0

I would rather suggest you setting up an Nginx proxy to do the SSL dirty work. It is well tested and routine.

Since Python can utilize only one cpu logical core in one process - no matter how many threads or coroutines in it, it is a bad idea for it to do the SSL cipher job. Suppose you rent a dual-core server, setting up an Nginx to decipher https to http back to your python http server will keep the server more healthy.

George Y
  • 525
  • 3
  • 14
  • Hi George, I am not too hands on with proxy (re-direction) and will not able to install/rent anything on the machine as it belongs to client and run by other apps. I was thinking if there is any way I can define the protocol to https (as have done for port) and use that instead of default http. – Anurag Tripathy Jul 17 '21 at 12:39
  • If you are using aiohttp, check this out - https://stackoverflow.com/questions/41701791/aiohttp-and-client-side-ssl-certificates – George Y Jul 17 '21 at 12:43
  • No I am using flask – Anurag Tripathy Jul 17 '21 at 18:13
  • I am able to run the program in https with "ssl_context='adhoc'" command now. But when try to connect this program from another server/source get the response "HTTP Error 404. The requested resource is not found." or "This site can’t be reached", telnet between source and destination is working so no firewall issue. Able to connect to the program from source when run with default http protocol. – Anurag Tripathy Jul 17 '21 at 19:12
  • Maybe you can search "flask ssl". – George Y Jul 18 '21 at 02:52