SSL, Django Development Server and Chrome

I am developing a Django site that uses Stripe. Even for testing, Stripe requires HTTPS. In the past, I used django-sslserver version 0.19 and ignored the complaining Chrome made about the certificate being self signed. Today (Sept 2017), none of that worked.

First thing I did was upgrade django-sslserver to 0.20. This crashed with an error related to:

ssl.PROTOCOL_TLSv1_2

It turns out ssl is built into Python and that constant is not defined in version 2.7.6. Reverting back to django-sslserver to 0.19 solved that problem.

Next, Chrome/Stripe will no longer let you ignore the SSL certificate warnings. This blog post by Alexander Zeitler does a pretty good job explaining how solve this problem. If you run into this problem:

error on line -1 of /dev/fd/11
140736435860488:error:02001009:system library:fopen:Bad file descriptor:bss_file.c:175:fopen('/dev/fd/11','rb')
140736435860488:error:2006D002:BIO routines:BIO_new_file:system lib:bss_file.c:184:
140736435860488:error:0E078002:configuration file routines:DEF_LOAD:system lib:conf_def.c:197:

remove sudo from createselfsignedcertificate.sh and run the script using sudo.

When all of that is done, you need to tell Chrome to trust your Certificate Authority by going to “Advanced Settings -> Manage Certificates”, then “Authorities/Import. Select the rootCA.pem in the ssl directory created by the scripts above.

This probably already setup on your machine, but you need to check the file /etc/hosts to make sure localhost points to the IP address django-sslserver is using (most likely 127.0.0.1). Then in the browser go to:

https://localhost:8000/

Launch django-sslserver using something like:

python manage.py runsslserver --certificate ~/ssl/server.crt --key ~/ssl/server.key

 

Advertisements

PyCharm, Django Dev Server and “password authentication failed for user”

This stuff drives me crazy. I was cruising along, run the Django dev server from the command line. Everything was working well. Then I decided to do some debugging, so I configured the PyCharm Django dev server and got this error:

django.db.utils.OperationalError: FATAL:  password authentication failed

Huh? It was just working. Here’s what was happening. I should mention I was using PostgreSQL. In my local settings file I have:

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql_psycopg2',
        'NAME': DB_NAME,
        'USER': 'roi_erp',
        'PASSWORD': os.environ.get('LOCAL_DB_PASSWORD', get_secrets('DB_PASSWORD')),
        'HOST': os.environ.get('POSTGRESQL_HOST', 'localhost'),
        'PORT': '',
    }
}

First I try to get the DB password from a local environmental variable. If that fails, I look in my project secrets file. My local .pgpass has the LOCAL_DB_PASSWORD, but not the one in secrets. When I ran from the command line, LOCAL_DB_PASSWORD was defined. When I ran from PyCharm, it wasn’t, hence the error message. To solve the problem, I set LOCAL_DB_PASSWORD in PyCharm.

Maybe I should just make the python settings code fail if LOCAL_DB_PASSWORD.