3

I have a production ready application that I've installed on a VM with CentOS. All dependencies and all other settings are up and running and all that's left for me is to properly configure the gunicorn server and run it with an start.sh script to begin routing web traffic to the app.

However, I'm not sure how I can have gunicorn handle the SSL layer itself. I'd prefer to simply have gunicorn handle the SSL to keep deployments simple and streamlined and not the load balancers.

I've got a my_site.ca-bundle file from an SSL validator.

My bash script looks something like this based off the documentation here and referenced in this stack overflow question

#!/bin/bash


exec gunicorn -w3 --certfile=my_site.crt --keyfile=my_site.key myapp.wsgi:application

However, how do I use the ca-bundle file given these settings referenced in the documentation? I don't actually have my_site.csr and my_site.key since I think both private and public key are inside the ca-bundle file.

Sorry for the super-noob question, first time setting up SSL by hand and not through load balancers. Is there a different gunicorn setting parameter for just a ca-bundle file like AWS?

EazyC
  • 809
  • 1
  • 10
  • 30
  • 1
    How is your question related to programming / code? – Klaus D. Jun 10 '17 at 04:02
  • @KlausD. it's similar to this question https://stackoverflow.com/questions/7406805/running-gunicorn-on-https but I'm just wondering if there's another type of answer available since the one provided there does not answer my question. Thanks – EazyC Jun 10 '17 at 05:09
  • Stack Overflow is a site for programming and development questions. This question appears to be off-topic because it is not about programming or development. See [What topics can I ask about here](http://stackoverflow.com/help/on-topic) in the Help Center. Perhaps [Web Applications Stack Exchange](http://webapps.stackexchange.com/), [Webmaster Stack Exchange](http://webmasters.stackexchange.com/) or [Unix & Linux Stack Exchange](http://unix.stackexchange.com/) would be a better place to ask. – jww Jun 10 '17 at 07:47
  • @EazyC - The question you cited is from 2011. The site's rules were different back then. Back then, some of the other sites were not available to help you. – jww Jun 10 '17 at 07:49

0 Answers0