how to configure django on apache and make https in the apache so that django url should open with https://<ip>:80 port

Question

I want to get django to run on https server securely without using thirdparty packages like runsslserver, or sslserver for that i was this approach

in the settings.py file i have configured these line.

SECURE_SSL_REDIRECT = True

so when giving the url in the browser url able to redirect to https://192.168.31.2/cp_vm/details but i'm getting secure ssl error.

please suggest me any ways to get the output, or running the django on apache with https also fine but i'm able to find the links https://www.digitalocean.com/community/tutorials/how-to-serve-django-applications-with-apache-and-mod_wsgi-on-ubuntu-14-04 but after that giving the ip in the browser 192.168.41.5/cp_vm/details it shows unable to connect.

i'm attaching the apache 000.default.conf file also please help me in this, Pleas forgive me if any mistakes in the above kindly suggest me some pointers so that

1. I can run django on apache server first .
2. Then getting the https// on the same apache server. please provide me some help would be great if any helping hands.

My config file as follows:

<VirtualHost *:80>

    # The ServerName directive sets the request scheme, hostname and port that
    # the server uses to identify itself. This is used when creating
    # redirection URLs. In the context of virtual hosts, the ServerName
    # specifies what hostname must appear in the request's Host: header to
    # match this virtual host. For the default virtual host (this file) this
    # value is not decisive as it is used as a last resort host regardless.
    # However, you must set it for any further virtual host explicitly.
    #ServerName www.example.com
    ServerName 10.206.51.6
    ServerAdmin 10.206.51.6
    #ServerAdmin webmaster@localhost
    #DocumentRoot /var/www/html
    DocumentRoot /var/www/nfvs_portal
    ## imc urls
    ProxyPass /imc http://10.206.50.12:8080/imc
    ProxyPassReverse /imc http://10.206.50.12:8080/imc

    <Directory /var/www/html/>
        Options Indexes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf

    Alias /static /opt/hpe_nfvs/nfvs_portal/static
    <Directory /opt/hpe_nfvs/nfvs_portal/static>
            Require all granted
    </Directory>

    <Directory /opt/hpe_nfvs/nfvs_portal/nfvs_portal>
            <Files wsgi.py>
                 Require all granted
            </Files>
    </Directory>

    WSGIDaemonProcess nfvs_portal python-path=//opt/hpe_nfvs/nfvs_portal:/opt/hpe_nfvs/nfvs_portal/nfvs_portal/lib/python2.7/site-packages
    WSGIScriptAlias / /opt/hpe_nfvs/nfvs_portal/nfvs_portal/wsgi.py

</VirtualHost>

Answer 1

I faced a lot of troubles and did a lot of homework to complete django site + apache with https configuration on my ubuntu server . And finally, I could able to get it configured successfully and my site is working as expected with https now.

The below are the .py and apache configuration files . Please correct your files and let me know if you still face any issues.

wigs.py

import os
from django.core.wsgi import get_wsgi_application
os.environ.setdefault("DJANGO_SETTINGS_MODULE","go_portal_site.settings")
os.environ['HTTPS'] = "on"
application = get_wsgi_application()

/etc/apache2/sites-enabled/000-default.conf

    <VirtualHost *:80>  
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html
    redirect permanent / https://site.site.com

    Alias /static /home/ubuntu/django_portal/ci/site_portal/portal_site/static
    <Directory /home/ubuntu/django_portal/ci/site_portal/portal_site/static>
        Require all granted
    </Directory>

    <Directory /home/ubuntu/django_portal/ci/site_portal/portal_site/go_portal_site>
        <Files wsgi.py>
            Require all granted
        </Files>
    </Directory>

    #WSGIDaemonProcess go_portal_site python-path=/home/ubuntu/django_portal/ci/site_portal/portal_site python-home=/home/ubuntu/django_portal/ci/site_portal/portal_site/phase2_env
    WSGIProcessGroup go_portal_site
    WSGIScriptAlias / /home/ubuntu/django_portal/ci/site_portal/portal_site/go_portal_site/wsgi.py
    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

<VirtualHost *:443>
    ServerName site.site.com
    Alias /static /home/ubuntu/django_portal/ci/site_portal/portal_site/static
    <Directory /home/ubuntu/django_portal/ci/site_portal/portal_site/static>
        Require all granted
    </Directory>

    <Directory /home/ubuntu/django_portal/ci/site_portal/portal_site/go_portal_site>
        <Files wsgi.py>
            Require all granted
        </Files>
    </Directory>


    WSGIDaemonProcess go_portal_site python-path=/home/ubuntu/django_portal/ci/site_portal/portal_site python-home=/home/ubuntu/django_portal/ci/site_portal/portal_site/phase2_env
    WSGIProcessGroup go_portal_site
    WSGIScriptAlias / /home/ubuntu/django_portal/ci/site_portal/portal_site/go_portal_site/wsgi.py

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    SSLEngine on
    SSLCertificateFile /etc/apache2/ssl/site.site.com-cer.pem
    SSLCertificateKeyFile /etc/apache2/ssl/site.site.com-key.pem

</VirtualHost>

---

(phase2_env) ubuntu@ip-10-0-10-125:~/django_portal/ci/site_portal/portal_site$ sudo service apache2 restart * Restarting web server apache2 [ OK ] (phase2_env) ubuntu@ip-10-0-10-125:~/django_portal/ci/site_portal/portal_site$

Answer 2

On top of the HTTP server, you need to run an SSL server with Apache2, ie configure a <VirtualHost *:443> . Also, I would let Apache2 handle the redirection instead of Django.

<VirtualHost *:80>
    # Virtual host for the redirection
    ServerName 10.206.51.6
    ServerAdmin 10.206.51.6 # <- This should be an email!
    DocumentRoot /dev/null/

    Redirect permanent / https://10.206.51.6/ # Redirects also what is after the "/"
</VirtualHost>


<VirtualHost *:443>
    # SSL site
    ServerName 10.206.51.6
    ServerAdmin 10.206.51.6 # <- This should be an email!
    DocumentRoot /var/www/nfvs_portal/

    SSLCertificateFile /etc/apache2/certs/your-server-certificate.pem
    SSLCertificateKeyFile /etc/apache2/certs/your-server-certificate.key.pem

    # ... [The rest of your site configuration]
</VirtualHost>

If you get into trouble even with this configuration, I would split the problem in (1) making Apache2 manage to redirect and serve a static SSL page in your document root (without using WSGI), and (2) modify that configuration to use your Django site.