我有一个Python Flask网站,托管在Hetzner的Windows VPS上,一个带有Certbot和OVH域名的SSL密钥。我的网站只使用HTTP,我找不到如何使用它启用HTTPS。我已经在OVH中链接了我的SSL密钥,但我认为我需要在服务器上做其他事情,但我不知道它是如何工作的。谢谢你的帮助!
烧瓶代码:
from flask import Flask, render_template, request, session, redirect, url_for
from waitress import serve
app = Flask(__name__)
@app.route("/")
def home():
return render_template("index.html")
if __name__ == "__main__":
#context = ('server.crt', 'server.key')
#app.run(host='0.0.0.0', debug=True, port=80, ssl_context=context)
serve(app, host='0.0.0.0', port=80, threads=1, url_scheme='https') # I tried
您可以参考此链接。
但我真的不建议在flask服务器中添加https
相反,您可以考虑像使用nginx一样使用reverse proxy来提供ssl支持。
server {
listen 80;
listen 443 ssl;
server_name localhost;
server_name _;
charset utf-8;
ssl_certificate /etc/nginx/cert/xxx.pem; // add ssl certificate
ssl_certificate_key /etc/nginx/cert/xxxx.key; // add ssl certificate
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location ^~ / {
proxy_pass http://flask:5000; // redirect to flask
proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
}
}