Skip to main content
  1. My Blog Posts and Stories/

Getting this to Https

··411 words·2 mins
Security Deployment Flask Python
Table of Contents

Boredom strikes again #

Another boring day. What do I do? View dem jokes to cheer me up of course. After randomly clicking the jokes a few times, this popped up What Screams insecurity? HTTP. Oh hell naw, as a security student, how can I leave my webpage at HTTP, Blasphemy. I even learnt about secure channels in my Cyber security lessons.

Challenge Accepted
Challenge Accepted Meme

Time to become security master #

Time to get my website to HTTPS! What does that mean though? It will mean that I will have to find a root CA willing to give me a certificate for my website to say that I am legit. Similar to when I am searching for a domain, I only want to do it if it is free (Poor University student here).

Using my masterful googling skills that I picked up in school, I found this website that gave free certificates which lasts for 90 days. Sooo that means I can get a free certificate as long as I renew them once every 90 days. Good enough for me.

The steps to obtain the certificate as also relatively simple.

  1. Give them the link to my website
  2. Choose the type of cert that I want (90 days because that one is free)
  3. Generate contact information for the certificate
  4. Validate that the website is owned by me by putting a file at a particular link for my website.

Adding the certificate in flask #

After all of that they gave me my certificate and its time for me to upgrade my website! Back to my best friend python

if __name__ == '__main__':

    # Run the application
    app.run(
        '0.0.0.0',
        80,
        ssl_context=(
            "path_to_certificate.crt",
            "path_to_private_key.key"
        )
    )

After putting the certificate into a folder, the code above will allow the flask to run my website with the certificate as the path to the certificate I provided with the private key provided. Now it’s time to test the website!

The moment of brain fart #

OMG, it says that that website is down. How can this happen? I just got my certificate. Welp dumbass I forgot that the default port for my website at HTTP is 80 but the default port for HTTPS websites is 443.

Facepalm
Facepalm Meme

Well well well, guess how long it took before I figured it out?

It took me another few hours of pulling my hair out to figure that out (Coding in a nut shell). Welp, I guess that’s another milestone down! Woohoo :D