Python Forum
Deploying SSL for my Django 2.0.1 server with Apache on Ubuntu 16.04 (droplet)
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Deploying SSL for my Django 2.0.1 server with Apache on Ubuntu 16.04 (droplet)
#1
I’ve played with a little Django (v2.0.1) locally. Now I am trying to implement a test case on my production Apache web server. I’m running an Ubuntu 14.04 DigitalOcean droplet (will upgrade to 18.04 later this year).

I got Django running.

Here it is: http://www.angeles4four.info:8000/

Before I log into my admin panel, I figure it’s best practices to set up HTTPS first. But when I visit that URL as https://, Chrome throws this message:

Quote:This site can’t provide a secure connection www.angeles4four.info sent an invalid response. ERR_SSL_PROTOCOL_ERROR
And my shell on my server shows this message:

Quote:[20/Jan/2018 23:54:39] "GET / HTTP/1.1" 200 16559 [21/Jan/2018 00:01:23] code 400, message Bad request syntax ('\x16\x03\x01\x00Ì\x01\x00\x00È\x03\x03&6U\x10µ\x82\x97\x7f´8\x1e«\x0e¿ÿ§\x89æ\x82\r¢G§\x01ç°P%\x80)ÕÃ\x00\x00\x1c * À+À/À,À0̨̩À\x13À\x14\x00\x9c\x00\x9d\x00/\x005\x00') [21/Jan/2018 00:01:23] You're accessing the development server over HTTPS, but it only supports HTTP.

That’s because SSL isn’t set up. My current SSL Certificate Authority is Let’s Encrypt. SSL is running properly for my public_html content but not for my recent deployment of Django.

I found some resources elsewhere on SO for setting up SSL with Django.

In an SO post titled, “Configure SSL Certificate on Apache for Django Application (mod_wsgi)”, a highly upvoted answer by Alexey Kuleshevich suggests a template for 000-default.conf and default-ssl.conf for Apache vhosts. See here: Configure SSL Certificate on Apache for Django Application (mod_wsgi)

I did my best to change up the suggested values and entries so that they refer to my specific configuration. Here are what these two vhost configuration files of mine look like now.

/etc/apache2/sites-available/angeles4four.info-le-ssl.conf:
Quote:<IfModule mod_ssl.c>
<VirtualHost *:443>
#ServerName www.example.com
ServerAdmin [email protected]
ServerName angeles4four.info
ServerAlias www.angeles4four.info
DocumentRoot /var/www/html/angeles4four.info/public_html

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

# Django Application
Alias /static /var/www/html/angeles4four.info/public_html/Cel2FahConversion
<Directory /var/www/html/angeles4four.info/public_html/Cel2FahConversion>
Require all granted
</Directory>
<Directory /var/www/html/angeles4four.info/public_html/Cel2FahConversion>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
WGIDaemonProcess cel python-path=/var/www/html/angeles4four.info/public_html/Cel2FahConversion/venv/bin/python3
WSGIProcessGroup cel
WSGIScriptAlias / /var/www/html/angeles4four.info/public_html/Cel2FahConversion/Cel2FahConversion/Cel2FahConversion/wsgi.py

SSLCertificateFile /etc/letsencrypt/live/angeles4four.info/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/angeles4four.info/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateChainFile /etc/letsencrypt/live/angeles4four.info/chain.pem
</VirtualHost>
</IfModule>
angeles4four.info.conf:

Quote:<VirtualHost *:80>

#ServerName www.example.com
ServerAdmin [email protected]
ServerName angeles4four.info
ServerAlias www.angeles4four.info
DocumentRoot /var/www/html/angeles4four.info/public_html
<Directory "/var/www/html/angeles4four.info/public_html">
Options Indexes FollowSymlinks
AllowOverride All
Require all granted
</Directory>

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

RewriteEngine on
RewriteCond %{SERVER_NAME} =angeles4four.info [OR]
RewriteCond %{SERVER_NAME} =www.angeles4four.info
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
No dice. I still get the same traceback as I initially shared.

The next SO post I came across suggests modifying settings.py. Here it is: Error "You're accessing the development server over HTTPS, but it only supports HTTP"

The upvoted suggestion here by YoYo is to modify session cookies and secure SSL redirect. YoYo also recommends managing base, local, production settings which doesn’t really apply to me. So I tried adding these three lines to my settings.py:

Quote:SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SECURE_SSL_REDIRECT = True
My python3 manage.py runserver shell traceback still says: “You're accessing the development server over HTTPS, but it only supports HTTP.”

Any ideas? What else could I try?

Thanks for your attention.
Reply


Messages In This Thread
Deploying SSL for my Django 2.0.1 server with Apache on Ubuntu 16.04 (droplet) - by Drone4four - Jan-21-2018, 03:45 AM

Possibly Related Threads…
Thread Author Replies Views Last Post
  Apache Module jfha73 2 461 Jan-26-2024, 07:59 PM
Last Post: noisefloor
  deploying python script on a server rickyrt 0 1,439 Aug-31-2021, 04:03 PM
Last Post: rickyrt
  Flask Ubuntu Server Not Running Wheel 0 1,978 Jul-14-2020, 08:12 PM
Last Post: Wheel
  Where is mod_wsgi for Apache on Windows? jfha73 0 1,612 May-01-2020, 02:21 PM
Last Post: jfha73
  Django deployment on apache server? tmmaersk 2 2,075 Mar-28-2020, 03:35 PM
Last Post: tmmaersk
  Django: How to automatically substitute a variable in the admin page at Django 1.11? m0ntecr1st0 3 3,247 Jun-30-2019, 12:21 AM
Last Post: scidam
  How to deploy Django application on Apache2 server deepag 0 2,005 Jan-23-2019, 05:09 AM
Last Post: deepag
  Python handling Apache Request harzsr 3 3,737 Nov-16-2018, 04:36 AM
Last Post: nilamo
  Enable error logging to browser for Python's Flask under Apache + mod_wsgi nikos 1 3,017 Sep-18-2018, 09:15 PM
Last Post: nikos
  Trouble deploying Django/wagtail on Ubuntu 14.04 Drone4four 0 2,756 Mar-20-2018, 04:14 AM
Last Post: Drone4four

Forum Jump:

User Panel Messages

Announcements
Announcement #1 8/1/2020
Announcement #2 8/2/2020
Announcement #3 8/6/2020