librelist archives

« back to archive

Flask, Gunicorn, SSL and /static content

Flask, Gunicorn, SSL and /static content

From:
Henry Cooke
Date:
2014-06-30 @ 17:02
Hello all,

I'm having terrible trouble with with the above. Essentially, I've taken an
app which was running as straight HTTP and changed the gunicorn config to
use SSL keys, more or less as described here[1].

This is all good, to the extent that Flask-generated content is rendering
and being served out to browsers at https:// urls. However, static content
is not getting served correctly, with the following errors:
SSL3_GET_RECORD:wrong version number
ERR_CONTENT_LENGTH_MISMATCH

A bit of googling reveals this[2] post from this very mailing list on the
subject from last year. However, it's not very conclusive, with the thread
leading to a 404'd patch on github and a long-stale revision of gunicorn.
This led me to believe that the patch & fix had been merged into gunicorn,
but the fact that I'm having (what looks like) exactly the same problem
would suggest not.

Does anybody have any advice on how to fix this? In an ideal world, I'd
have gunicorn / flask bound to both port 80 and port 443 of my machine,
serving secure and non-secure stuff on the relevant ports. I've got no idea
how to set that up though (gunicorn's docs are rather sparse), so I'd
settle for everything being served properly over https.

Cheers,
Henry

[1] http://stackoverflow.com/questions/7406805/running-gunicorn-on-https
[2]

http://librelist.com/browser//flask/2013/11/8/flask+ssl+gunicorn+static-files-problem/#ce505ec773e7ed9f79f0f2a63188120c

Re: [flask] Flask, Gunicorn, SSL and /static content

From:
Inada Naoki
Date:
2014-06-30 @ 17:54
What version of gunicorn do you use?
Gunicorn 18 sends file with sendfile. It passes TLS and write file
content directly to socket.
Use Gunicorn 19.


https://github.com/benoitc/gunicorn/commit/7d10d8638f2dbe0b40b87cf377f660d66f717482
https://github.com/benoitc/gunicorn/blob/master/docs/source/2014-news.rst

On Tue, Jul 1, 2014 at 2:02 AM, Henry Cooke <me@prehensile.co.uk> wrote:
> Hello all,
>
> I'm having terrible trouble with with the above. Essentially, I've taken an
> app which was running as straight HTTP and changed the gunicorn config to
> use SSL keys, more or less as described here[1].
>
> This is all good, to the extent that Flask-generated content is rendering
> and being served out to browsers at https:// urls. However, static content
> is not getting served correctly, with the following errors:
> SSL3_GET_RECORD:wrong version number
> ERR_CONTENT_LENGTH_MISMATCH
>
> A bit of googling reveals this[2] post from this very mailing list on the
> subject from last year. However, it's not very conclusive, with the thread
> leading to a 404'd patch on github and a long-stale revision of gunicorn.
> This led me to believe that the patch & fix had been merged into gunicorn,
> but the fact that I'm having (what looks like) exactly the same problem
> would suggest not.
>
> Does anybody have any advice on how to fix this? In an ideal world, I'd have
> gunicorn / flask bound to both port 80 and port 443 of my machine, serving
> secure and non-secure stuff on the relevant ports. I've got no idea how to
> set that up though (gunicorn's docs are rather sparse), so I'd settle for
> everything being served properly over https.
>
> Cheers,
> Henry
>
> [1] http://stackoverflow.com/questions/7406805/running-gunicorn-on-https
> [2]
> 
http://librelist.com/browser//flask/2013/11/8/flask+ssl+gunicorn+static-files-problem/#ce505ec773e7ed9f79f0f2a63188120c



-- 
INADA Naoki  <songofacandy@gmail.com>

Re: [flask] Flask, Gunicorn, SSL and /static content

From:
Henry Cooke
Date:
2014-06-30 @ 21:39
Hey thanks, that worked!


On 30 June 2014 18:54, INADA Naoki <songofacandy@gmail.com> wrote:

> What version of gunicorn do you use?
> Gunicorn 18 sends file with sendfile. It passes TLS and write file
> content directly to socket.
> Use Gunicorn 19.
>
>
> 
https://github.com/benoitc/gunicorn/commit/7d10d8638f2dbe0b40b87cf377f660d66f717482
> https://github.com/benoitc/gunicorn/blob/master/docs/source/2014-news.rst
>
> On Tue, Jul 1, 2014 at 2:02 AM, Henry Cooke <me@prehensile.co.uk> wrote:
> > Hello all,
> >
> > I'm having terrible trouble with with the above. Essentially, I've taken
> an
> > app which was running as straight HTTP and changed the gunicorn config to
> > use SSL keys, more or less as described here[1].
> >
> > This is all good, to the extent that Flask-generated content is rendering
> > and being served out to browsers at https:// urls. However, static
> content
> > is not getting served correctly, with the following errors:
> > SSL3_GET_RECORD:wrong version number
> > ERR_CONTENT_LENGTH_MISMATCH
> >
> > A bit of googling reveals this[2] post from this very mailing list on the
> > subject from last year. However, it's not very conclusive, with the
> thread
> > leading to a 404'd patch on github and a long-stale revision of gunicorn.
> > This led me to believe that the patch & fix had been merged into
> gunicorn,
> > but the fact that I'm having (what looks like) exactly the same problem
> > would suggest not.
> >
> > Does anybody have any advice on how to fix this? In an ideal world, I'd
> have
> > gunicorn / flask bound to both port 80 and port 443 of my machine,
> serving
> > secure and non-secure stuff on the relevant ports. I've got no idea how
> to
> > set that up though (gunicorn's docs are rather sparse), so I'd settle for
> > everything being served properly over https.
> >
> > Cheers,
> > Henry
> >
> > [1] http://stackoverflow.com/questions/7406805/running-gunicorn-on-https
> > [2]
> >
> 
http://librelist.com/browser//flask/2013/11/8/flask+ssl+gunicorn+static-files-problem/#ce505ec773e7ed9f79f0f2a63188120c
>
>
>
> --
> INADA Naoki  <songofacandy@gmail.com>
>