SSL

Using a dedicated reverse proxy such as nginx or Apache is strongly recommended. They are much more secure than Django, and have plenty of tutorials available.

Enabling SSL

 web:
   # This is used for various scripts to send jobs to PtpUploader remotely
   api_key:
   # Allows controlling the pop-up on the upload page
   file_selector_root:
   address:
   ssl:
-    enabled: false
-    key:
-    cert:
+    enabled: true
+    key: path/to/server.key
+    cert: path/to/server.crt

A properly signed certificate (letsencrypt's is completely free to use and well-documented!) recommended, however you can generate your own certificate instead. It's just as secure, but your browser will throw errors when you try to first connect.

Generating self-signed certificates natively

• Remove the key and cert entries from config.yml
• Install the cryptography library

# source ~/.venv/ptpuploader/bin/activate # Optional, if a virtualenv was used during installation.
pip3 install cryptography

• Start PtpUploader. The certs will be automatically generated and placed in ~/config/ptpuploader/

Generating self-signed certificates with openssl

openssl genrsa -des3 -passout pass:1234 -out server.pass.key 2048
openssl rsa -passin pass:1234 -in server.pass.key -out server.key
rm server.pass.key
openssl req -new -batch -key server.key -out server.csr
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
rm server.csr