Django Development Server with HTTPS

Sometimes you can’t avoid using HTTPS right starting from development (such as for developing Facebook canvas applications). You can setup Apache on your local machine and go through a bunch of trouble setting up your domain and setting up the certificate etc but there’s an easy way of using Django’s python manage.py runserver to work with HTTPS.

This can be done with stunnel that lets the Facebook server and stunnel on your machine communicate in SSL and stunnel turns around to communicate with Python in HTTP. First install stunnel. For instance in Mac OS X:

brew install stunnel

Then you need to create a settings file for stunnel to execute. You can create a text file anywhere. For instance, you can create dev_https and input:

pid=
cert=/usr/local/etc/stunnel/stunnel.pem
foreground=yes
debug=7
[https]
accept=8001
connect=8002
TIMEOUTclose=1
stunnel creates a fake certificate. By default on Mac, it's at /usr/local/etc/stunnel/stunnel.pem. It'll bring up a warning on your browser saying that your webpage can be fake but Facebook operations still work right. Since stunnel has to listen on one port and Python's development server cannot run on the same server, you must use different ports for accept (incoming) and connect (internal). Once you have your dev_https file or whatever you called it, run
sudo stunnel dev_https
to start the tunnelling. Then start your Python server.
HTTPS=1 python manage.py runserver 0.0.0.0:8002
Environment variable HTTPS must be set to 1 for it to return secure responses and since we previously set the internal port to 8002, we listen on 8002 from all incoming IPs. Then, your IP:8001 can accept HTTPS connections without changing your webserver and you can continue running another instance of HTTP Python server on a different port.
Source
Like what you read? Give xster a round of applause.

From a quick cheer to a standing ovation, clap to show how much you enjoyed this story.