Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
The CLI option to run server over HTTPS is not working
See original GitHub issueDescribe the bug The CLI option to run server over HTTPS is not working
To Reproduce Steps to reproduce the behavior:
- Create a key and a cert file (running below commands for example):
HOSTNAME="$(hostname)" IP="$(hostname -I)" openssl req \ -nodes \ -x509 \ -newkey rsa:4096 \ -sha256 \ -days 3650 \ -keyout key.pem \ -out cert.pem \ -subj "/CN=$HOSTNAME" \ -addext "subjectAltName=DNS:$HOSTNAME,IP:$IP" - Download and try to start LabelStudio with HTTPS support:
/home/labelstudio/.local/bin/label-studio \ --database postgresql \ --cert /home/labelstudio/ssl_certificates/cert.pem \ --key /home/labelstudio/ssl_certificates/key.pem
Expected behavior LabelStudio running with SSL/TLS secured UI connection
Screenshots
No screenshots, but I have the error appearing on screen:
[2021-06-07 14:03:32,818] [label_studio.server::main::327] [ERROR] Label Studio doesn't support SSL web server with cert and key. Use nginx or other servers for it.
Environment (please complete the following information):
- OS: Ubuntu 20.04 Server
- Label Studio Version 1.0.2
- Downloaded and installed using pip
Additional context
Using a separated labelstudio user.
I have read about this topic on the issues, because there is no reference (or at least I couldn’t find) in official documentation.
I read https://github.com/heartexlabs/label-studio/issues/217#issuecomment-590938916 saying that SSL/TLS on webserver is a difficult thing to do, and this one: https://github.com/heartexlabs/label-studio/issues/367, that is written later on time, saying that https is now available within the CLI options.
I saw this document in the 0.8.1 release, where the use of --cert and --key flags are explained, and found https://github.com/heartexlabs/label-studio/pull/350 merged pull request that states “https with ssl support” as a new feature.
Also, if I check the help included with label-studio binary (label-studio --help), I can see options for cert and key files in PEM format, so I am guessing this feature is (or should be) implemented.
Am I confusing with some other feature that also uses certificates and keys? It has something to do with the cert and key creation? Should I use the CLI anyway different?
The output when I try to use those options is:
/home/labelstudio/.local/bin/label-studio \
> --database postgresql \
> --cert /home/labelstudio/ssl_certificates/cert.pem \
> --key /home/labelstudio/ssl_certificates/key.pem \
> --host https://$IP:$PORT
=> Hostname correctly is set to: https://X.X.X.X:8080
=> Database and media directory: /home/labelstudio/.local/share/label-st
udio
=> Static URL is set to: /static/
[2021-06-07 14:03:32,818] [label_studio.server::main::327] [ERROR] Label
Studio doesn't support SSL web server with cert and key.
Use nginx or other servers for it.
Issue Analytics
- State:
- Created 2 years ago
- Comments:7 (5 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Thanks for the response.
It would be easier to automatize the deployment and get https working securely with APIs and GUI, nevertheless, using nginx as a reverse proxy is pretty straightforward, so no problem in my case 😄. I was just wondering why the functionality disappeared over time and I thought that it would be not so hard to get SSL/TLS encryption integrated again, but I am clearly wrong, based on your response; so, again, thanks for your job and your quick response!
If you really want you can make a PR with SSL/TLS support 🙂