after migrating my Django web app from HTTP to https, when I type
for example r= requests.get('http://xxxx.com')
it gives me this error:
requests.exceptions.SSLError: HTTPSConnectionPool(host=my_host_name,port:443) Max retries exceeded with url:http://xxxx.com (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:749)'),))
but I made the nginx config for the redirection for example when I put any HTTP address on my browser it redirects me to the correct https address.
I would like to do the same thing on the API request.
I don't like to change my requests addresses on my backend code I just want to redirect the HTTP requests to https if it is possible?
my nginx config:
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
proxy_cache_path /path/cache keys_zone=cache:10m levels=1:2 inactive=600s
max_size=100m;
default_type application/octet-stream;
log_format compression '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" "$gzip_ratio"';
access_log /path/access.log;
error_log /Path/error.log error;
gzip on;
gzip_disable "msie6";
text/xml application/xml application/xml+rss text/javascript;
upstream app_servers {
server 127.0.0.1:8080;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl on;
ssl_certificate /PATH/certificate.crt;
ssl_certificate_key /PATH/certificate.key;
proxy_cache cache;
proxy_cache_valid 200 1s;
#ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
server_name my_host_name;
access_log /path/nginx-access.log compression;
location /static/ {
alias /path/static/;
}
location /nginx_status {
stub_status on;
allow all;
deny all;
}
location / {
proxy_pass http://127.0.0.1:8000;
proxy_set_header Host $host;
proxy_pass_request_headers on;
proxy_read_timeout 1200;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
}
}
server {
listen 9999 ;
server_name my_host_name ;
return 307 https://my_domain.com$request_uri;
}
}
The error kind of puzzles me, but in you Nginx config file, I see that you're not listening on the default HTTP port. You should add a server block that listens on the HTTP (80) port, and redirect to https (443) from there.
Add this block inside your http:
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name my_host_name;
return 301 https://$host$request_uri;
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.