Running a Flask + self-signed certificate test based on this guide
Flask server:
from flask import Flask

app = Flask(__name__)

@app.route('/')
def hello_world():
    return '<html><head></head><body><p>blabla</body></html>'

if __name__ == "__main__":
    app.run(debug=True, host='0.0.0.0', port=443, ssl_context=('cert.pem', 'key.pem'))
I generated a certificate using
openssl req -x509 -newkey rsa:4096 -nodes -out cert.pem -keyout key.pem -days 365
When I run the server (sudo python test.py), I get the following error:
Exception in thread Thread-1:
Traceback (most recent call last):
  File "/usr/lib/python2.7/threading.py", line 801, in __bootstrap_inner
    self.run()
  File "/usr/lib/python2.7/threading.py", line 754, in run
    self.__target(*self.__args, **self.__kwargs)
  File "/home/abuyoyo/.local/lib/python2.7/site-packages/werkzeug/serving.py", line 774, in inner
    fd=fd)
  File "/home/abuyoyo/.local/lib/python2.7/site-packages/werkzeug/serving.py", line 660, in make_server
    passthrough_errors, ssl_context, fd=fd)
  File "/home/abuyoyo/.local/lib/python2.7/site-packages/werkzeug/serving.py", line 601, in __init__
    self.socket = ssl_context.wrap_socket(sock, server_side=True)
  File "/home/abuyoyo/.local/lib/python2.7/site-packages/werkzeug/serving.py", line 511, in wrap_socket
    ssl_version=self._protocol, **kwargs)
  File "/usr/lib/python2.7/ssl.py", line 949, in wrap_socket
    ciphers=ciphers)
  File "/usr/lib/python2.7/ssl.py", line 560, in __init__
    self._context.load_cert_chain(certfile, keyfile)
IOError: [Errno 2] No such file or directory
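I tried absolute paths to the certificates, and I tried incorrect paths, but I get the same error every time.
It looks like a file permission problem. Create a specific folder to store them and grant permissions to the user that runs the server.
For example, considering that "www" is the user that starts your server: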
$ sudo mkdir /etc/ssl/certs/myPythonServerCert
$ sudo chown www:www /etc/ssl/certs/myPythonServerCert
$ sudo chmod 500 /etc/ssl/certs/myPythonServerCert
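This creates a folder in /etc/ssl/certs that can only be accessed and read by the www user. Put your certificates there and it should work.
The issue was a path permission problem.
Moving the certificates to /tmp solved it.
Moving the certificates under /tmp solved the problem; /tmp has 777 permissions. I have put the cert.pem and key.pem files in a subdirectory in /tmp.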
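A pre-flight check for the two files passed as ssl_context, added here as an example and not taken from the question or the answers: it separates a missing path from an unreadable one, which the IOError above does not, and flags a private key that is readable beyond its owner or stored in a world-writable directory. The function names are hypothetical and POSIX permissions are assumed.

```python
import os
import stat


def check_tls_file(path, is_private_key=False):
    """Return a list of problems for one PEM file (empty list means OK).

    Hypothetical helper, not part of Flask or Werkzeug.
    """
    # A relative name such as 'cert.pem' is resolved against the current
    # working directory, which may differ from the script's directory.
    full = os.path.abspath(path)
    if not os.path.exists(full):
        return ["ENOENT: %s does not exist (cwd is %s)" % (full, os.getcwd())]

    problems = []
    if not os.access(full, os.R_OK):
        problems.append("EACCES: %s is not readable by uid %d"
                        % (full, os.geteuid()))

    if is_private_key:
        # The private key should be readable by its owner only.
        mode = stat.S_IMODE(os.stat(full).st_mode)
        if mode & (stat.S_IRWXG | stat.S_IRWXO):
            problems.append("key %s has mode %o, accessible beyond its owner"
                            % (full, mode))
        # In a world-writable directory any local user can create files
        # next to the key, so it is a poor place to keep one.
        parent = os.path.dirname(full)
        if os.stat(parent).st_mode & stat.S_IWOTH:
            problems.append("key directory %s is world-writable" % parent)
    return problems


def check_ssl_context(certfile, keyfile):
    """Check both halves of the ssl_context tuple before calling app.run()."""
    return (check_tls_file(certfile)
            + check_tls_file(keyfile, is_private_key=True))


if __name__ == "__main__":
    for problem in check_ssl_context("cert.pem", "key.pem"):
        print(problem)
```
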