Enforce TLS1.2

SachinPo555 · October 27, 2023, 8:34am

Hi all,

I am using django web server for my application and wish to enforce TLS1.2 connections only.

Can anyone please help ?

Thanks in advance.

KenWhitesell · October 27, 2023, 12:22pm

There is no “Django web server”. In a production environment, you would be running Django behind something like nginx or apache forwarding traffic through gunicorn or uwsgi. It is those components that would be configured to enforce TLS1.2

SachinPo555 · October 27, 2023, 3:32pm

Pardon my limited understanding here, but I am running the python manage.py runsslserver command to spin the application up in prod… the server is a Google cloud VM and OS is RHEL7. Which on would it be using for routing the traffic ?

KenWhitesell · October 27, 2023, 4:03pm

Are you referring to django-sslserver · PyPI ?

If so, this is the package where the very first line of the documentation says:

Django SSL Server is a SSL-enabled development server for the Django Framework.

and the first sentence of the second paragraph says:

Please note that this should not be used for production setups.

[emphasis added on each]

Do yourself a favor, start by reading How to deploy Django | Django documentation | Django and pick a different server for implementation.

Topic		Replies	Views
Secure Websocket (with HTTPS) Deployment	8	11293	March 11, 2023
How are you guyz managing production/development Deployment	9	1083	May 3, 2022
Https during development Deployment	6	17945	March 17, 2024
SSL Configuration issues Using Django	1	1040	October 9, 2020
Make http redirect to https Deployment	2	2843	March 18, 2022

Enforce TLS1.2

Related topics