Flask-https.md

Running Your Flask Application Over HTTPS

Requirements

SOURCE

python -m pip install Flask flask_cors pyopenssl

The Simplest Way To Do It

• Use Dummy certificateto quickly serve an application over HTTPS without having to mess with certificates.

• Add ssl_context='adhoc' to your app.run() call.

• New certificate will be generated each time the server runs.

• The browser does not eliminate the security warnings.

EXAMPLE CODE!

from flask import Flask
from flask_cors import CORS, cross_origin

app = Flask(__name__)
CORS(app, support_credentials=True)

@app.route("/")
@cross_origin(supports_credentials=True)
def hello_world():
    return "<p>Hello, World!</p>"

if __name__ == "__main__":
    app.run(host="0.0.0.0", port=6262, ssl_context='adhoc')

Self-Signed Certificates

• Generate self-signed certificates easily from the command line.

openssl req -x509 -newkey rsa:4096 -nodes -out cert.pem -keyout key.pem -days 365

EXAMPLE CODE!

from flask import Flask
from flask_cors import CORS, cross_origin

app = Flask(__name__)
CORS(app, support_credentials=True)

@app.route("/")
@cross_origin(supports_credentials=True)
def hello_world():
    return "<p>Hello, World!</p>"

if __name__ == "__main__":
    app.run(host="0.0.0.0", port=6262, ssl_context=('cert.pem', 'key.pem'))

Using free CA with Let's Encrypt.

sudo snap install --classic certbot
sudo apt update

sudo certbot certonly --webroot -w /var/www/example -d example.com

sudo certbot renew