From 74a536cc4e1bd62c40a48cbdf2c2ea4c476740f7 Mon Sep 17 00:00:00 2001
From: Julius Heitkoetter
Date: Tue, 28 Nov 2023 17:16:05 -0500
Subject: [PATCH] making temporary files for ssl certificates
---
 a2rchi/bin/service_chat.py | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)
diff --git a/a2rchi/bin/service_chat.py b/a2rchi/bin/service_chat.py
index 8605d79..6a6624b 100644
--- a/a2rchi/bin/service_chat.py
+++ b/a2rchi/bin/service_chat.py
@@ -7,6 +7,7 @@ from flask import Flask
 from flask_login import LoginManager
+import tempfile
 global_config = Config_Loader().config["global"]
 app_config = Config_Loader().config["interfaces"]["chat_app"]
@@ -79,10 +80,24 @@ def load_user(user_id):
 print(f"Starting Chat Service with (host, port): ({app_config['HOST']}, {app_config['PORT']})")
 app = FlaskAppWrapper(app)
 if app_config["HOSTNAME"] == "a2rchi.mit.edu":
+
 print("Adding SSL certificates for a2rchi.mit.edu")
- certificate_path = os.getenv("A2RCHI_SSL_CERTIFICATE_FILE")
- key_path = os.getenv("A2RCHI_SSL_CERTIFICATE_KEY_FILE")
- app.run(debug=True, port=app_config["PORT"], host=app_config["HOST"], ssl_context=(certificate_path, key_path))
+
+ #get the ssl cert and key and save them to temporary files
+ ssl_cert = read_secret("A2RCHI_SSL_CERTIFICATE")
+ ssl_key = read_secret("A2RCHI_SSL_CERTIFICATE_KEY")
+ cert_file = tempfile.NamedTemporaryFile(delete=False)
+ key_file = tempfile.NamedTemporaryFile(delete=False)
+ cert_file.write(ssl_cert.encode())
+ key_file.write(ssl_key.encode())
+
+ app.run(debug=True, port=app_config["PORT"], host=app_config["HOST"], ssl_context=(cert_file.name, key_file.name))
+
+ #remove the temp ssl cert and key temp files
+ os.unlink(cert_file.name)
+ os.unlink(key_file.name)
+
 else:
+
 print("No SSL certificate for this server found. Starting up with adhoc SSL certification")
 app.run(debug=True, port=app_config["PORT"], host=app_config["HOST"], ssl_context="adhoc")
\ No newline at end of file
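Review bot: In the second hunk the certificate and private key are written to the temporary files but never flushed or closed before `app.run(...)` is handed their paths, so the TLS setup may read empty or partial files. The two `os.unlink` calls run only if `app.run` returns normally, so an exception or interrupt leaves the private key in the temp directory. Closing both files after the writes and moving the cleanup into a `finally` covers both cases. Separately, this branch serves the production hostname with `debug=True`; if `FlaskAppWrapper.run` (not visible in this patch) forwards that to Flask, the interactive debugger and reloader are enabled there, and the reloader may also keep the cleanup from being reached, so the flag is better taken from configuration and left off for this host.

```python
    # … unchanged: read_secret calls for the certificate and key …
    cert_file = tempfile.NamedTemporaryFile(delete=False)
    key_file = tempfile.NamedTemporaryFile(delete=False)
    try:
        cert_file.write(ssl_cert.encode())
        key_file.write(ssl_key.encode())
        # close so the bytes are on disk before the server opens the files by path
        cert_file.close()
        key_file.close()
        # … unchanged: app.run(...) call with ssl_context=(cert_file.name, key_file.name) …
    finally:
        # remove the key material even when the server stops with an exception
        os.unlink(cert_file.name)
        os.unlink(key_file.name)
```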