How to Enable HTTPS for Local Flask Development
By following this guide, you will be equipped to run a local Flask server and access it's routes securely via HTTPS. There are a few situations where this is a requirement, such as enabling OAuth authentication with GitHub using Flask-Dance.
This guide assumes that you are using Linux, specifically Ubuntu in my case, and that you have enough knowledge to follow along with any linked pages and examples.
Requirements
- OpenSSL
- Python 3.x with a Flask server.
Certificate Generation
To use HTTPS with Flask, you need both a certificate signing request (CSR) and a CRT file. These can both be generated using the OpenSSL CLI and the following command:
openssl req -new -newkey rsa:2048 -nodes -keyout https.key -x509 -days 3650 -out https.crt
For further details, refer to the official documentation.
| Segment | Description |
|---|---|
| openssl req | Use the OpenSSL certificate generating utility. |
| -new | Generate a new CSR file. |
| -newkey rsa:2048 | Generate and use an RSA key of 2048 bits. |
| -nodes | Do not encrypt the output key, to avoid entering a passphrase when generating the RSA key. |
| -keyout https.key | Save the private key as https.key. |
| -x509 | Output a self-signed certificate, instead of a certificate request. |
| -days 3650 | Ensure the certificate is valid for 10 years. This is normally considered overkill, but we are only using the certificate for local development. |
| -out https.crt | Save the certificate as https.crt. |
Enabling HTTPS
To enable HTTPS in your Flask application, use the following command:
flask run --cert=https.crt --key=https.key
This command instructs Flask to run your application with the specified SSL certificate (https.crt) and private key (https.key), enabling HTTPS communication between the client and server.