How to Enable HTTPS for Local Flask Development

Published — Edited

By following this guide, you will be equipped to run a local Flask server and access it's routes securely via HTTPS. There are a few situations where this is a requirement, such as enabling OAuth authentication with GitHub using Flask-Dance.

This guide assumes that you are using Linux, specifically Ubuntu in my case, and that you have enough knowledge to follow along with any linked pages and examples.


Certificate Generation

To use HTTPS with Flask, you need both a certificate signing request (CSR) and a CRT file. These can both be generated using the OpenSSL CLI and the following command:

openssl req -new -newkey rsa:2048 -nodes -keyout https.key -x509 -days 3650 -out https.crt

For further details, refer to the official documentation.

Segment Description
openssl req Use the OpenSSL certificate generating utility.
-new Generate a new CSR file.
-newkey rsa:2048 Generate and use an RSA key of 2048 bits.
-nodes Do not encrypt the output key, to avoid entering a passphrase when generating the RSA key.
-keyout https.key Save the private key as https.key.
-x509 Output a self-signed certificate, instead of a certificate request.
-days 3650 Ensure the certificate is valid for 10 years. This is normally considered overkill, but we are only using the certificate for local development.
-out https.crt Save the certificate as https.crt.

Enabling HTTPS

To enable HTTPS in your Flask application, use the following command:

flask run --cert=https.crt --key=https.key

This command instructs Flask to run your application with the specified SSL certificate (https.crt) and private key (https.key), enabling HTTPS communication between the client and server.