I can not connect to https waitress wsgi server

2019-02-18 01:05发布

I have tried the tutorial of python pyramid framework but, https connection, no matter how able to waitress. http://docs.pylonsproject.org/projects/pyramid/en/latest/tutorials/wiki2/installation.html

If you look at the documents of waitress, there is an item called 'url_scheme' in pasteDeploy format. I tried to add the following to development.ini:

# # #
# Wsgi server configuration
# # #

[server: main]
use = egg:waitress#main
host = 0.0.0.0
port = 6543
url_scheme = https

But, it seems to be listening for http connections be performed pserve command.

$ serve development.ini - reload
Starting subprocess with file monitor
Starting server in PID 2757.
serving on http://0.0.0.0:6543

There is no response when accessed by browser in this state. Application I'm trying to create is expecting a https access, but do you think there is a package needed for something else. Or Do I fundamentally wrong somewhere? I would appreciate the advice of experts.

Environment in fedora19, python 3.3.2. the following packages that are included in the virtualenv:

Chameleon == 2.12
Mako == 0.9.0
MarkupSafe == 0.18
PasteDeploy == 1.5.0
Pygments == 1.6
SQLAlchemy == 0.8.2
WebOb == 1.2.3
coverage == 3.7
nose == 1.3.0
pyramid == 1.4.5
pyramid-debugtoolbar == 1.0.8
pyramid-mako == 0.2
pyramid-tm == 0.7
repoze.lru == 0.6
transaction == 1.4.1
translationstring == 1.1
tutorial == 0.0
venusian == 1.0a8
waitress == 0.8.7
zope.deprecation == 4.0.2
zope.interface == 4.0.5
zope.sqlalchemy == 0.7.3

Please tell us the location of the document would be helpful to me means. Thank you very much!

1条回答
在下西门庆
2楼-- · 2019-02-18 02:00

Waitress does not actually support decoding https requests. The only way to support https is by putting waitress behind a reverse proxy such as nginx. You then allow nginx to decrypt the request and pass it on to waitress. The problem here is that waitress now thinks it's serving an http request because thats what it sees from nginx. The url_scheme setting is for telling waitress that all requests coming into waitress are actually https, which it can then forward on to the application, which uses that fact to help your application generate urls using the https scheme instead of http.

Hopefully that makes sense but either way it should be clear to you that your https setup is not going to work when no where in your pastes have you actually created a certificate or a private key.

查看更多
登录 后发表回答