HTTPS (full name: Hyper Text Transfer Protocol over securesocket layer) is an HTTP channel aiming at security, which is encrypted and encrypted through transmission on the basis of HTTPidentity authentication It ensures the security of the transmission process. HTTPS is added on the basis of HTTPSSLThe security foundation of HTTPS is SSL, so SSL is needed for the details of encryption. There is a default port and an encryption / authentication layer (between HTTP andTCPBetween). This system provides authentication and encrypted communication methods. It is widely used in many fieldswebSecurity sensitive communication, such as transaction payment, etc
Hypertext Transfer Protocol (HTTP) is a simple request response protocol, which usually runs in theTCPabove. It specifies what messages the client may send to the server and what responses it will receive. The header of the request and response message is marked withASCIIThe form is given; The message content has a similar functionMIMEFormat. This simple model is earlyWebA meritorious man of success, because it makes development and deployment very straightforward.
Generally speaking, we use HTTP as the transport protocol when we test locally or when it is not so important.
For example, this is how you run with the flash project in Python
So if we use HTTPS. SSL certificate should be added to use pyopenssl package
First, apply for SSL certificate. The premise is a registered domain name. I use the domain name registered by alicloud and register for a free certificate for one year.
Then click download to download the key and PEM certificates according to your own needs
After downloading and decompressing, two files will be generated, one is key and the other is PEM. The file name can be changed.
As shown in the figure: run.py Peer directory)
Then download the pyopenssl package
pip install PyOpenSSL
Then add the certificate to the configuration to run (key and PEM order can’t be wrong). Otherwise, the operation is not successful.)
You can see the access format of HTTPS
It is generally possible to use a relatively simple configuration locally, but it needs to be deployed to the server. Access to the Internet, then the certificate, front-end, domain name are required to be true.
First of all, the flash project is deployed in gunicorn + gevent, and the docker is used to package online for external network access（ The previous article has written this operation)
Because online is to use gunicorn to run the project! So we need to configure it.
You can start the flash project with the gunicorn command
gunicorn -w 4 -b 192.168.1.79:4000 run:app --keyfile server.key --certfile server.pem
Later, when you package the docker to the server, you start the project through gunicorn, so Gunicorn.conf.py Configuration must be written correctly!
Then package the project to the server’s docker (this operation has been written in the previous article)
Back end access: server IP + 8111
Front end access: server IP + 8222
Now we are using nginx proxy domain name and front and back docker container port
Domain name and certificate must match!
Front end test
Next, you can test it on the local front end
Use HTTPS + domain name + 8111 to access the back-end code interface (if there is no front-end environment, you can use apipost and postman to test)
Using local front end test to access the port of HTTPS + domain name + back end container
In this way, we can successfully use the front end to debug and access the interface and test on the back end line
Test the interface with apipost
HTTPS + domain name + 8111 (back end online port) + interface
HTTPS + server IP + 8111 (back end online port) + interface
Can get data to prove access to the online interface success!