[Answered ]-Mod_wsgi https Error Connection Refused

2👍

You need to specify the --server-name option with the name of the site it is accessible as using the https address. This should match the name the SSL certificates have been set up with.

python manage.py runmodwsgi --host 0.0.0.0 --port 8000 --https-port 8001 --ssl-certificate /path/to/cert/and/key --server-name host.example.com

You would then access it using the URL with the FQDN:

https://host.example.com:8001

If you want to be able to access it from localhost (same system) without needing to provide a FQDN host name, you would use the --allow-localhost option.

python manage.py runmodwsgi --host 0.0.0.0 --port 8000 --https-port 8001 --ssl-certificate /path/to/cert/and/key --server-name host.example.com --allow-localhost

With the latter, even if using an official certificate for the hostname, you will get the browser warning about certificate not matching. For command line HTTP tools like wget and curl you would have to tell them it is an insecure site in these cases.

It is because it is going against how HTTPS and SSL certificates would normally be used, access by name other than the proper server name is only allowed from localhost for testing purposes.

In short, when using HTTPS, you should really always be using a proper host name and not an IP address when accessing the site. If necessary you can create a dummy host mapping in host service file for your system.

For example, in a /etc/hosts file you could add:

127.0.0.1       host.example.com

For further information it is recommended that you use the mod_wsgi mailing list. I don’t as a habit hang out here or answer questions about mod_wsgi here any more and it was by chance this question came to my attention.

Leave a comment