This article is intended for development environments and testing only, we highly recommend not following this article for production. The Search & Generative AI Orchestration Framework is delivered as a web application hence the HTTPS configuration is inherent to each project and architecture.


Before starting with this step by step you may want to read the articles dedicated to this matter in the FastAPI documentation about HTTPS and Deployments Concepts of FastAPI documentation.

Creating self signed certificates

Step-by-step guide

  1. Download the OpenSSL Installer to create self signed certificates (make sure to uncheck the donation boxes before finishing the installation wizard)
    Finish installing OpenSSL

  2. Find the location where you installed it and make it an environmental variable or run it from the folder with the following command: 

    openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout privateKey.key -out certificate.crt

    For further understanding visit the Open SSL Documentation Site.

  3. Fill the information required by the certificate which consists on a 2 letters code for Country Name, State or Province, Locality Name, Organization Name, Organizational Unit Name, Common Name and an Email Address.

And that's it, now you have 2 files in the current folder named certificate.crt and privateKey.key (which are the names we specified on the command at step 2). We're gonna save those files for later on this tutorial.


Running Search Api with certificates

Again, this tutorial is focused on Uvicorn since that's the web server provided for development and testing purposes for our web application. Follow the instructions bellow:

Step-by-step guide

  1. Copy the files created on the previous guide and paste them in a folder named certs inside the config folder of the S-API.

  2. Go to uvicorn_server.py located at the root folder of S-API and modify 

    uvicorn.run('app.webapp:app', port=SERVER_CONFIG.port, host=SERVER_CONFIG.host, reload=True,
                log_level=SERVER_CONFIG.logging.level.value, workers=SERVER_CONFIG.workers, server_header=False)

    adding the parameters ssl_keyfile and ssl_certfile as shown below

    uvicorn.run('app.webapp:app', port=SERVER_CONFIG.port, host=SERVER_CONFIG.host, reload=True,
                log_level=SERVER_CONFIG.logging.level.value, workers=SERVER_CONFIG.workers, server_header=False,
                ssl_keyfile="config/certs/privateKey.key", ssl_certfile="config/certs/certificate.crt")

And that's it, now you can go to the usual localhost:8085 but this time with https protocol instead.

Related articles