禁用Gunicorn证书验证

时间:2019-07-18 14:23:08

标签: python flask gunicorn

我正在用Flask创建一个应用程序,并且正在使用gunicorn作为我的应用程序服务器。我启用了客户端证书的验证,并且我想知道是否有一种方法可以禁用特定用户的客户端证书验证,或者是否可以使用两个地址:1使用https,另一个使用http。

gunicorn configuration
import ssl


bind = "0.0.0.0:8080"
ca_certs = "certs/ca-crt.pem"
certfile = "certs/server-crt.pem"
keyfile = "certs/server-key.pem"
cert_reqs = ssl.CERT_REQUIRED
worker_class = 'proto_worker.CustomSyncWorker'

from gunicorn.workers.sync import SyncWorker
import werkzeug.serving
import OpenSSL


class CustomSyncWorker(SyncWorker):
    def handle_request(self, listener, req, client, addr):
        cert = client.getpeercert()
        try:
            key = client.get_password()
        except:
            key = ''
        headers = dict(req.headers)
        #headers['CERT'] = dict(cert)
        headers['CERT'] = str(cert)+str(key)
        req.headers = list(headers.items())
        super(CustomSyncWorker, self).handle_request(listener, req, client, addr)

0 个答案:

没有答案