[Flask] 答复: Question about SSL certificate on custom domain
陆 徐超
luseiee at outlook.com
Wed Oct 19 13:10:12 EDT 2016
Dear Ares Ou:
Thanks a lot!! Your response is very helpful!
I've read this article and I am still confused about several points.
Suppose I deploy my flask project on example.herokuapp.com and bought a new domain my.com and resolute it to example.herokuapp.com.
1. In Production Environment, I'm told that it's not recommended to use app.run(), instead gunicorn is recommended, how to implement HTTPS on gunicorn? I've checked gunicorn's doc and I found that gunicorn has --keyfile and -certfile options. I suppose it will do the same thing, am I right?
2. The second question is a serious one. The certification I bought is binded to my.com.
Suppose I use gunicorn manage:app --keyfile ssl_certificate/aaa.key --certfile ssl_certificate/aaa.pem on my heroku server.
Heroku has its own https service, I don't need to do anything to make it work.
So when accessing example.herokuapp.com, it will cause error.
3. Actually, when accessing my project with my.com, it also causes error and I haven't figured out why.
4. On Heroku website https://devcenter.heroku.com/articles/ssl-endpoint, there's such a sentense:
To enable SSL on a custom domain, for example, www.example.com, use the SSL Endpoint add-on.
SSL Endpoint is a paid add-on service. Please keep this in mind when provisioning the service.
Does that mean I have to use Heroku add-on (20$ a month, a lot for a student) to enable Https on my.com? Is it possible to make it happen with flask?
5. I don't know if this mail should also be sent to the mailist, will it confuse the others?
Lu
________________________________
发件人: Ares Ou <aresowj at gmail.com>
发送时间: 2016年10月20日 0:39:06
收件人: 陆 徐超
抄送: flask at python.org
主题: Re: [Flask] Question about SSL certificate on custom domain
Hi,
I guess you should check out how to implement HTTPS on the web server.
For example, Apache or Nginx. Of course the dev server in Flask also supports
SSL if you set it up correctly. I did a brief search and found this snippet which
might be helpful to you: http://flask.pocoo.org/snippets/111/ . Let me know if you
have any question following this article.
Thanks.
Best regards,
Ares Ou
Software Engineer / Full-Stack Python Developer
Blog: http://aresou.net | Github: https://github.com/aresowj
Stack Overflow: http://stackoverflow.com/users/5183727/ares-ou
Ares Ou
On Wed, Oct 19, 2016 at 9:35 AM, 陆 徐超 <luseiee at outlook.com<mailto:luseiee at outlook.com>> wrote:
Hello Everyone:
I'm a beginner to web development.
I followed Miguel Grinberg's book and develop the flasky blog system. I deployed it to Heroku.
Now I bought a new domain name and resoluted the domain to my Heroku domain. When using the new domain, I found that it can't pass the SSL certification when using https. (Of course, the original Heroku URL is https enabled.) There's always a red cross on the URL in my Chrome browser.
I bought a free CA from Symantec and got two files .key and .pem.. Can anybody tell me how to use these two files in my FLASK project and make the https function well?
And one more question. When I run my project with http using my own domain name, the user login state can't last long. I frequently need to login again. When I run it in https in Heroku domain name, it works well. Is that because the browser refresh the cookies under unsafe http browsing?
Before reading this book, I have barely no idea about web, HTTP, maybe the question is a little bit silly.
I hope someone could help me.
Thanks a lot!
Lu
2016.10.19
_______________________________________________
Flask mailing list
Flask at python.org<mailto:Flask at python.org>
https://mail.python.org/mailman/listinfo/flask
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/flask/attachments/20161019/c585e941/attachment-0001.html>
More information about the Flask
mailing list