Here I’m going to implement SSL in Django project which will access through custom port. To do this I’m going to use Apache, for SSL I’m going to use letsencrypt and my Django project containerize in docker. I’m going to bring content through Apache proxy technique.
First of all we need to execute (any) Django project. Please follow Create Docker Container for Hello World with Django and uWsgi Server to create a simple Hello World Django project. We are going to uwsgi socket instead of http server. So, in Dockerfile last line need to change as follows –
ENTRYPOINT ["uwsgi", "--socket", ":9000", "--workers", "4", "--master", "--enable-threads", "--module", "helloworlddjango.wsgi"]
Now we have our project up and running. Now in Apache create entry for our domain and using certbot of letsencrypt install SSL. Please point document root in any safe location, we will use that document root to install SSL and then we will point our uWsgi server to bring content from our project. There has a lot of resource in internet to achieve this. Please configure such way that domain will redirect non-ssl to ssl url automatically.
After successfully access of domain securely we can move to change SSL port. To do this we need to change listen of Apache configuration. In my server I need to change /etc/apache2/ports.conf (it may vary server to server). Following commands need to use to access custom port –
<IfModule ssl_module>
Listen 443
Listen 59222
</IfModule>
Now we need to install “libapache2-mod-proxy-uwsgi” module to access content through Apache proxy technique.
sudo apt-get install libapache2-mod-proxy-uwsgi
Also we need to enable proxy at apache2
sudo a2enmod proxy
sudo a2enmod proxy_uwsgi
We are ready to access our Django project content. We need to append following configuration into our domain configuration of Apache server. In my case file location is /etc/apache2/sites-enabled/helpabodessltest.shahadathossain.com-le-ssl.conf
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / uwsgi://127.0.0.1:9000/ keepalive=On
ProxyPassReverse / uwsgi://127.0.0.1:9000/
Please note, we need to put these code inside “VirtualHost” block. Also need to change “VirtualHost” tag like as follows –
<VirtualHost *:59222>
Also we can put redirect code in Apache from http to https with custom port like following code. Note that we need to put this code into general (80) configuration of the domain (also inside VirtualHost block)
RewriteEngine on
RewriteCond %{SERVER_NAME} =helpabodessltest.shahadathossain.com
RewriteRule ^ https://%{SERVER_NAME}:59222%{REQUEST_URI} [END,NE,R=permanent]
That’s all, we need to restart Apache server. If everything goes fine we can visit our domain with custom port to see “Hello World” output in browser. Thanks.