I have a Django REST framework API and I have a problem - connection with the server is not encrypted. Is there a method to encrypt the server and the connection to it? I use Django for backend and React.js for frontend.

CodePudding user response：

I use gunicorn as server to deploy django-project apps (never use runserver in production!) and gunicorn can encrypt your traffic: gunicorn-docu

Example for a simple gunicorn-one-liner-start:

gunicorn YOURappNAME.wsgi:application --certfile=server.crt --keyfile=server.key --bind YOURip:YOURport --workers 3 --threads 4 --log-file - --access-logfile - --error-logfile - --worker-tmp-dir /dev/shm --log-level info -e PYTHONUNBUFFERED=TRUE --access-logformat '%(h)s %({X-Forwarded-For}i)s %(l)s %(u)s %(t)s "%(r)s" %(s)s %(b)s "%(f)s" "%(a)s"'

I use this in a container startscript

CodePudding user response：

I assume by encryption you mean SSL/TLS

There are 3 places you can do this:

• Load Balancer eg AWS load balancer
• Dedicated Web Server / Reverse proxy eg nginx
• Directly in the application process eg gunicorn / nodejs