{"id":829,"date":"2014-03-24T17:11:05","date_gmt":"2014-03-25T00:11:05","guid":{"rendered":"http:\/\/somethingk.com\/main\/?p=829"},"modified":"2014-03-24T17:11:05","modified_gmt":"2014-03-25T00:11:05","slug":"ssl-encryption-for-djangos-localnative-server","status":"publish","type":"post","link":"https:\/\/somethingk.com\/main\/ssl-encryption-for-djangos-localnative-server\/","title":{"rendered":"SSL Encryption for Django\u2019s Local\/Native Server"},"content":{"rendered":"<p>Django comes packaged with a lightweight python server. It is not intended to be a production server but more a testing\/development host. Running the server is as easy as running the following command within a Django project:<\/p>\n<p>python manage.py runserver<\/p>\n<p>Since it\u2019s so lightweight, it doesn\u2019t come with the same abilities as other servers like Apache or Nginx. It can\u2019t perform <a title=\"Stop the MitM Attacks! Use Encryption!\" href=\"http:\/\/somethingk.com\/main\/?p=545\">encryption<\/a>, however, there\u2019s a nifty tool called <a href=\"http:\/\/www.stunnel.org\/%5F\">stunnel<\/a> that can do it for you!<\/p>\n<p><i>\u201cStunnel is an open-source multi-platform computer program, used to provide universal TLS\/SSL tunneling service\u201d<\/i> (<a href=\"http:\/\/en.wikipedia.org\/wiki\/Stunnel\">Wikipedia<\/a>).<\/p>\n<p><b>Environment<\/b><\/p>\n<p>The following steps were performed on my iMac running OS X Mavericks with a Django 1.5 installation. I believe my instructions should still work for different versions (most) and Linux distributions.<\/p>\n<p><b>Steps<\/b><\/p>\n<p>Initially, I downloaded the latest version of Stunnel, however I ran into numerous compiling issues. One of them being: \u201c<i>ld: warning: directory not found for option &#8216;-L\/usr\/\/lib64.&#8217;<\/i>\u201d The error indicated I did not have the necessary 64x library. When I downloaded version, 4.54, everything compiled nicely.<\/p>\n<ul>\n<li>Download the <a href=\"http:\/\/mirrors.zerg.biz\/stunnel\/archive\/4.x\/stunnel-4.54.tar.gz\">stunnel-4.54.tar.gz<\/a> source code.<\/li>\n<li>Open a terminal window and run the following command to untar (unzip) the file.<\/li>\n<\/ul>\n<pre style=\"padding-left: 30px;\">\u00a0tar \u2013xvf stunnel-4.54.tar.gz<\/pre>\n<ul>\n<li>Run the following commands to enter the directory and install the tool (<a href=\"http:\/\/apple.stackexchange.com\/questions\/79312\/how-to-install-stunnel-on-mountain-lion\">credit<\/a>).<\/li>\n<\/ul>\n<pre style=\"padding-left: 30px;\">cd stunnel-4.54\r\n.\/configure &amp;&amp; make &amp;&amp; make check &amp;&amp; sudo make install<\/pre>\n<ul>\n<li>During the install stage, you will be required to enter in certificate data. Stunnel will conveniently make a self-signed SSL certificate for you and save it to \/usr\/local\/etc\/stunnel\/stunnel.pem. Thanks Stunnel!<\/li>\n<li>Create a configuration file for Stunnel (<a href=\"http:\/\/tech.xster.net\/tips\/django-development-server-with-https\/\">credit<\/a>). I put the file inside my Django project to keep things organized.<\/li>\n<\/ul>\n<pre style=\"padding-left: 30px;\">vim dev_https<\/pre>\n<ul>\n<li>Edit the file and add the following lines in order to manipulate Stunnel to work with your environment.<\/li>\n<\/ul>\n<pre style=\"padding-left: 30px;\">pid=\r\ncert=\/usr\/local\/etc\/stunnel\/stunnel.pem\r\nforeground=yes\r\ndebug=7<\/pre>\n<pre style=\"padding-left: 30px;\">[https]\r\naccept=&lt;HTTPS ACCEPTING PORT&gt;\r\nconnect=&lt;LOCAL PORT YOUR DJANGO SERVER IS USING&gt;\r\nTIMEOUTclose=1<\/pre>\n<ul>\n<li>Save the file (For vim: ESC \u2018:wq\u2019 ENTER).<\/li>\n<\/ul>\n<p><a href=\"http:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/03\/config.png\"><img decoding=\"async\" class=\"aligncenter size-medium wp-image-831\" alt=\"config\" src=\"http:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/03\/config-300x149.png\" width=\"300\" height=\"149\" srcset=\"https:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/03\/config-300x149.png 300w, https:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/03\/config.png 343w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<ul>\n<li>Start the Stunnel HTTPS tunneling service.<\/li>\n<\/ul>\n<pre style=\"padding-left: 30px;\">sudo stunnel &lt;PATH OF dev_https&gt;\r\n\r\n<a href=\"http:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/03\/stunnel.png\"><img fetchpriority=\"high\" decoding=\"async\" class=\"aligncenter size-medium wp-image-832\" alt=\"stunnel\" src=\"http:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/03\/stunnel-233x300.png\" width=\"233\" height=\"300\" srcset=\"https:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/03\/stunnel-233x300.png 233w, https:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/03\/stunnel.png 579w\" sizes=\"(max-width: 233px) 100vw, 233px\" \/><\/a><\/pre>\n<ul>\n<li>Next, start your Django server.<\/li>\n<\/ul>\n<pre style=\"padding-left: 30px;\">python manage.py runserver 127.0.0.1:&lt; LOCAL PORT YOUR DJANGO SERVER IS USING&gt;\r\n\r\n<a href=\"http:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/03\/django.png\"><img decoding=\"async\" class=\"aligncenter size-medium wp-image-833\" alt=\"django\" src=\"http:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/03\/django-300x19.png\" width=\"300\" height=\"19\" srcset=\"https:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/03\/django-300x19.png 300w, https:\/\/somethingk.com\/main\/wp-content\/uploads\/2014\/03\/django.png 633w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><\/pre>\n<p style=\"padding-left: 30px;\">Note \u2013 I used 127.0.0.1 purposefully as my hosting IP address, I only want Django to run locally. I do not want the server to run on a public\/accessible IP. \u00a0Only stunnel will receive web requests.<\/p>\n<p>That\u2019s it! Now stunnel is listening for all encrypted, incoming messges on whatever port you specified. When a request comes in, it will decrypt it and send it locally to your Django server. Following, Django will then respond through the tunnel to the requesting client with the proper data.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Django comes packaged with a lightweight python server. It is not intended to be a production server but more a testing\/development host. Running the server is as easy as running the following command within a Django project: python manage.py runserver Since it\u2019s so lightweight, it doesn\u2019t come with the same abilities as other servers like Apache or Nginx. It can\u2019t [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[177,6,72],"tags":[118,87,241,247,242,246,339,243,128,244,129,245],"class_list":["post-829","post","type-post","status-publish","format-standard","hentry","category-development","category-linux","category-python","tag-django","tag-encryption","tag-local","tag-mac","tag-native","tag-osx","tag-python","tag-server","tag-ssl","tag-stunnel","tag-tls","tag-tunnel"],"_links":{"self":[{"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/posts\/829","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/comments?post=829"}],"version-history":[{"count":3,"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/posts\/829\/revisions"}],"predecessor-version":[{"id":835,"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/posts\/829\/revisions\/835"}],"wp:attachment":[{"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/media?parent=829"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/categories?post=829"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/somethingk.com\/main\/wp-json\/wp\/v2\/tags?post=829"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}