Django https与开发服务器
我试图在我的网站中使用SpeechRecognition/webkitSpeechRecognition,因此需要使用https在django中运行开发服务器 我已经采取了以下步骤:Django https与开发服务器,django,ubuntu,https,django-dev-server,Django,Ubuntu,Https,Django Dev Server,我试图在我的网站中使用SpeechRecognition/webkitSpeechRecognition,因此需要使用https在django中运行开发服务器 我已经采取了以下步骤: 从django扩展安装并配置runserver\u plus 将由此生成的证书添加到ubuntu中的我的cas中 # run server python3 manage.py runserver_plus --cert-file certs/localhost --reloader-interval 2 0.0.
- 从
django扩展安装并配置runserver\u plus - 将由此生成的证书添加到ubuntu中的我的cas中
然后 然后我重新启动所有程序,以确保更改已被考虑在内,但该网站仍然不受# run server python3 manage.py runserver_plus --cert-file certs/localhost --reloader-interval 2 0.0.0.0:8000
和https://127.0.0.1:8000https://localhost:8000
awk-v cmd='openssl x509-noout-subject''
/开始/{close(cmd)};{print | cmd}'允许无效证书。这不是一个快速解决方案。我将在此概述我为解决此问题所采取的步骤。作为参考,我使用:
- Django 2.2.1
- Ubuntu 18.04.02
- 谷歌浏览器75.0.3770.142
- 转到“设置”
- 搜索HTTPS/SSL
- 转到“权限”选项卡
- 导入证书/ca.pem
https://local.company.dev:8000/如果我遗漏了什么,请不要犹豫,发表评论,我会更新答案,试试django sslserver()。我认为你做的一切都是对的,只是需要告诉Chrome信任你的证书。请参阅@dirkgroten谢谢你的回复,我实际上也启用了此功能,我会更新问题。还有更多提示。问题是,Chrome不断改变这一点,所以很多解决方案都过时了。这令人沮丧。
# to copy certificates:
sudo mkdir /usr/share/ca-certificates/extra
sudo cp certs/localhost.crt /usr/share/ca-certificates/extra/localhost.crt
sudo chmod -R 755 /usr/share/ca-certificates/extra/
sudo chmod 644 /usr/share/ca-certificates/extra/localhost.crt
sudo dpkg-reconfigure ca-certificates
sudo update-ca-certificates
awk -v cmd='openssl x509 -noout -subject' '
/BEGIN/{close(cmd)};{print | cmd}' < /etc/ssl/certs/ca-certificates.crt
# gives:
...
subject=CN = localhost
subject=CN = *.localhost/CN=localhost, O = Dummy Certificate
# in /System/Library/OpenSSL/openssl.cnf
# comment
# RANDFILE = $ENV::HOME/.rnd
# uncomment
req_extensions = v3_req
# your domain can be whatever for a local dev server, i chose company.dev
[ v3_req ]
subjectAltName = @alt_names
[ alt_names ]
DNS.1 = company.dev
DNS.2 = *.company.dev
[ v3_ca ]
# update
basicConstraints = critical, CA:TRUE, pathlen:3
# uncomment
keyUsage = critical, cRLSign, keyCertSign
nsCertType = sslCA, emailCA
# in your project root, make a dir for certs:
mkdir certs
# Create CA certificate
openssl genrsa -aes256 -out certs/ca.key.pem 2048
# gen key
openssl req -new -x509 -subj "/CN=companydev" -extensions v3_ca -days 3650 -key certs/ca.key.pem -sha256 -out certs/ca.pem -config /usr/lib/ssl/openssl.cnf
# Create Server certificate signed by CA
openssl genrsa -out certs/local.key.pem 2048
openssl req -subj "/CN=local" -extensions v3_req -sha256 -new -key certs/local.key.pem -out certs/local.csr
openssl x509 -req -extensions v3_req -days 3650 -sha256 -in certs/local.csr -CA certs/ca.pem -CAkey certs/ca.key.pem -CAcreateserial -out certs/local.crt -extfile /usr/lib/ssl/openssl.cnf
cat certs/local.crt certs/local.key.pem > certs/local-ca-full.pem
# move certificate to ca certs
sudo cp certs/local.crt /usr/share/ca-certificates/extra/local.crt
sudo chmod -R 755 /usr/share/ca-certificates/extra/
sudo chmod 644 /usr/share/ca-certificates/extra/local.crt
sudo dpkg-reconfigure ca-certificates
sudo update-ca-certificates
# update /etc/hosts
127.0.0.1 localhost local.company.dev
# Finally run server with
python3 manage.py runserver_plus --cert-file certs/local.crt --key-file certs/local.key.pem --reloader-interval 2 0.0.0.0:8000