Flask with two way SSL

Flask with two way SSL

For two way SSL :

http://wccandlinux.blogspot.in/2016/07/how-to-configure-twoway-ssl-in-apache.html

For Flask in Apache using WSGI

http://wccandlinux.blogspot.in/2017/05/python-flask-installation-creating-and.html

1. Edit WSGI virtual host

Add :

RequestHeader set SSL_CLIENT_S_DN "%{SSL_CLIENT_S_DN}s"

WSGISocketPrefix /var/run/wsgi

<VirtualHost _default_:443>
ServerName st.company.com
WSGIDaemonProcess yourapplication user=apache group=apache threads=5
WSGIScriptAlias /cotton /var/www/flask/cotton/myapp.wgi
RequestHeader set SSL_CLIENT_S_DN "%{SSL_CLIENT_S_DN}s"
 <Directory /var/www/flask/cotton/>
WSGIProcessGroup yourapplication
WSGIApplicationGroup %{GLOBAL}
Order deny,allow
Allow from all
</Directory>
</VirtualHost>
      

this will provide in SSL DN details in request.environ



'HTTP_SSL_CLIENT_S_DN': '/C=IN/L=Bangalore/O=EcmTest Vms/CN=Sterin'




request.headers.get('SSL_CLIENT_S_DN_CN') wont work properly

2. Add login in flask py file

@app.route('/ServerStatus')

def ServerStatus():
     user=""
    s_dn= (request.environ.get('HTTP_SSL_CLIENT_S_DN'))
    if s_dn:
          user = dict([x.split('=') for x in s_dn.split('/')[1:]])['CN']
    if user is not None and user != '':
      return render_template('login.html',user=user)
    else:
      return redirect('/')