Document how to run the server with the SSL context in 3.0

[winggo12]

Description

In version 2.9 and before 3.0 , the following code allows the use of ssl to create a security context :

    import ssl
    import connexion
    app = connexion.FlaskApp(__name__, specification_dir="openapi/")
    app.add_api("api.yaml", resolver=RestyResolver('api.v1'))
    ssl_context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
    ssl_context.load_cert_chain(certfile='saved_client.crt', keyfile='saved_client.key')
    ssl_context.load_verify_locations(cafile='saved_ca.crt')

    # Run the server with the SSL context
    app.run(ssl_context=ssl_context, host=os.environ.get("SELF_HOST"), port=int(os.environ.get("SELF_PORT")))

However, the server now responses with

  File "/home/appuser/app.py", line 40, in <module>
    app.run(ssl_context=ssl_context, host=os.environ.get("SELF_HOST"), port=int(os.environ.get("SELF_PORT")))
  File "/home/appuser/.local/share/virtualenvs/appuser-PYjSkq1U/lib/python3.9/site-packages/connexion/apps/abstract.py", line 281, in run
    self.middleware.run(import_string, **kwargs)
  File "/home/appuser/.local/share/virtualenvs/appuser-PYjSkq1U/lib/python3.9/site-packages/connexion/middleware/main.py", line 475, in run
    uvicorn.run(app, **kwargs)
TypeError: run() got an unexpected keyword argument 'ssl_context'

The document in the 3.0 version does not seems to include ssl support , is there any way to include my web cert , private key and ca cert in the future?

[RobbeSneyders]

Hi @winggo12,

You can let your server handle this. As an example, see the uvicorn documentation.

[sumasagrp]

my 50c , best practise would be to pass it thorugh a reverse proxy such as nginx and configure HTTPS there, there is an easy module that automates this for you look up 'let's encrypt for nginx' and its free.