Blog /Django runserver_plus with SSL and Firefox 33

October 15, 2014 15:45 +0000  |  Django 0

So with version 33, Firefox did something rather annoying, they now use a more restrictive library that rejects connections to servers running older versions of SSL. On the one hand, this is pretty awesome because at some point we all need to grow up and start using modern encryption, but on the other, it can make development really difficult when all you really need a an SSL setup -- any SSL setup to make your local development environment Just Work.

We've been using django-extenstion's runserver_plus feature, which is awesome because it includes a browser-based debugger and other really cool stuff, but also importantly, it supports the ability for you to run the Django runserver in SSL mode. This means that you can do stuff like:

./manage.py runserver_plus --cert=/tmp/temporary.cert

And that's enough for you to be able to access your site over SSL:

https://localhost:8000/

However, now that Firefox has thrown this monkeywrench into things, we spent far too much time today trying to figure out what was wrong and how to fix it, so I'm posting the answer here:

Basically, you just need a better cert than the one django-extensions creates for you automatically.

So, instead of just running --cert=/path/to/file and letting runserver_plus create it for you, you should run openssl yourself to create the cert and then point runserver_plus to it:

$ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /tmp/temporary-cert.key -out /tmp/temporary-cert.crt
$ ./manage.py runserver_plus --cert=/tmp/temporary-cert.crt

Of course, you can locate temporary-cert.* wherever you like, but you get the idea.

Comments

Post a Comment of Your Own

Markdown will work here, if you're into that sort of thing.