SSL certificates and https for AWS hosted django site

Time:11-16

I have a Django site hosted on Elastic Beanstalk. I have obtained an AWS SSL certificate and this has been associated with the load balancer 443 HTTPS port.

In my config file I have:

MIDDLEWARE = [
    # ...
    "django.middleware.csrf.CsrfViewMiddleware",
]

CSRF_COOKIE_HTTPONLY = False
SESSION_COOKIE_HTTPONLY = True

With this setup I am able to log in to the site, but the browser displays 'not secure' in the address bar, and if I prepend 'https://' to the URLs I get a page stating the connection is not private.

If I add

SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True

Then it becomes impossible to log in (the login page just reloads), or if I go to an incognito browser I get a 'CSRF verification failed. Request aborted.' message.

Apologies for the long question, I've just tried to include any detail that may be relevant.

CodePudding user response:

In settings.py, add the IP and domain to the ALLOWED_HOSTS list. You can put *, but it is not recommended. * means all hosts are allowed here.

ALLOWED_HOSTS = ['your_ip']

CodePudding user response:

I had my load balancer listener configured wrong for port 4443. I had the instance port and instance protocol as 443 and https, whereas they should be 80 and http.
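
Added example, not part of the original posts: the login reload and CSRF failure described in the question are what a client produces when `Secure` cookies meet a plain-HTTP connection. The sketch uses Python's `http.cookiejar` as a stand-in for a browser; the hostname and cookie values are constructed, and `sessionid` / `csrftoken` are Django's default cookie names.

```python
import email.message
import http.cookiejar
import urllib.request

HOST = "app.example.test"  # constructed hostname, not from the original post


def django_set_cookie_headers(secure):
    """Set-Cookie headers for Django's default cookie names (constructed values).

    `secure` mirrors SESSION_COOKIE_SECURE / CSRF_COOKIE_SECURE from the question.
    """
    flag = "; Secure" if secure else ""
    return [
        f"sessionid=constructed-session; Path=/; HttpOnly{flag}",
        f"csrftoken=constructed-token; Path=/{flag}",
    ]


class FakeResponse:
    """Minimal response object: CookieJar only calls .info() for the headers."""

    def __init__(self, set_cookie_headers):
        self._headers = email.message.Message()
        for value in set_cookie_headers:
            self._headers["Set-Cookie"] = value  # appends, does not overwrite

    def info(self):
        return self._headers


def cookies_returned(secure, scheme):
    """Names of the cookies the client sends back after logging in over `scheme`."""
    jar = http.cookiejar.CookieJar()
    login = urllib.request.Request(f"{scheme}://{HOST}/login/")
    jar.extract_cookies(FakeResponse(django_set_cookie_headers(secure)), login)

    follow_up = urllib.request.Request(f"{scheme}://{HOST}/")
    jar.add_cookie_header(follow_up)  # the jar withholds Secure cookies on http
    header = follow_up.get_header("Cookie") or ""
    return sorted(part.split("=", 1)[0] for part in header.split("; ") if part)


if __name__ == "__main__":
    for secure in (False, True):
        for scheme in ("http", "https"):
            print(f"secure={secure!s:5} {scheme:5} ->", cookies_returned(secure, scheme))
```

With the flags on, the `http` row comes back empty: without the session cookie the next request is anonymous again, and without the CSRF cookie the token check fails. Both cookies only return once the site is actually reached over HTTPS.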
