How to enable HTTPS (SSL) on port 5005

Hey guys! So my bot is running on AWS and i’m getting the reply in my browser. But it’s a “http” i.e. it’s not secure port. I need secure port to run with my web app. Whenever I enable the SSL on port 5005 and try to run the bot it gives error and says,

File “/home/ubuntu/.local/lib/python3.6/site-packages/gevent/server.py”, line 256,│

in _tcp_listener │ sock.bind(address) │

OSError: [Errno 98] Address already in use: (‘0.0.0.0’, 5005)

Now when I disable my SSL and run the bot, It runs easily and replies on http call. So how can I convert this http to https? Any help is appreciated.

try to kill the bot already running on 5005.

lsof -i -P -n | grep LISTEN —> this command will give you the process id of 5005 kill <processid of 5005>

actually i want to connect to my app server which is https and rasa bot is http! So it’s saying misaligned data. How do i enable SSL in rasa core? actually no bot is running! This happens when i run bot for 1st time.

Instead of trying to add an SSL cert to Rasa’s “private” API’s I’d recommend using a reverse proxy. You can do this using NGINX or Apache.

You can also create your own HTTP end-point wrapper using Flask and just use the Python API to return responses to your bot. There’s an example of how to do this on this repo.

2 Likes

Hey @rroa can you link me to an apache or nginx solution also. I tried to find some but couldn’t get them to work.

My system: Ubuntu 18.04 LTS, rasa_core 0.12.3, I want to run on port 80 as SSL and my rasa port is 5005: Thanks for your help :):):smile::smile::smile::grin::grin:

Here’s the configuration for the reverse proxy: NGINX Docs | NGINX Reverse Proxy

Here’s documentation on how to configure SSL: Configuring HTTPS servers

Usually, the rule of thumb is, redirecting requests from port 80 to 443, rather than setting up HTTPS on the port 80.

As for the reverse proxy, it is a common action to not expose ports different from the default sockets for HTTP and HTTPS. As you will see on the documentation, your app will still run on port 5055, but it will be accessed via NGINX first. This will allow for interesting scenario configurations, being load balancing one of the best implicit benefits.

2 Likes

so is there any tutorial or link to how i can do that! I’m not that great with servers. :frowning: Have you done anything related to this?

I just sent you documentation on how to do it on the previous post.

This is a very common way of doing things, I’m not sure why you wouldn’t get information on this when doing a quick search.

@rroa hey can ngrok also help me in this problem?If it can how can I set it up in AWS? Thanks

Hey @Akshit, you can use ngrok too to get secured(i.e. HTTPS) url. Try following command where your chatbot app is running - ngrok http 5005.

Once you execute the above command, you would get the HTTPS URL generated by ngork, to be integrated with your UX.

Thanks @arifchauhan I used ngrok to solve my issue and it’s working already. But my question is it that only works for 8hr and stops after 8hr! Also when i set a subdomain it says you need to pay for it! Is there an open source solution for ngrok?

@Akshit, I believe you can register with ngrok website to get continuous access. Use authentication code generated by ngrok website if needed.

yeah I saw that but i’m not sure how to do that in aws instance! I’ll find it. Thanks

Hello @Akshit,

Ngrok is a development tool. Even though it is a great tool, it is not made for long running processes, even when using the premium account. In addition, since it is not a formal web server (it’s a tunneling program), it is not optimized for load balancing and other perks needed when serving production apps over the internet.

I believe the solution has already been discussed and you just need to configure Nginx, the links I provided have step by step guides. Unfortunately, there’s no magical way of doing this with just one step.

4 Likes

HTTPS , but requested an insecure XMLHttpRequest endpoint ‘http://:5005/conversations/default/respond’. This request has been blocked; the content must be served over HTTPS .

@JiteshGaikwad

please help in this how to resolve

@Akshit as rroa explained, you should run your rasabot on http and use a proxy in between for handling https. On AWS you can use an application load balancer for doing that for you.

Hi @Akshit, I am getting following error

certificate verification failed unable to get local issuer certificate rasa

I think disabling ssl verification works here… could you please let me know how to disable ssl verification in rasa

Hey @rroa ,

What are the next steps once you have configured the SSL on the server?

I run the chatbot as a service on an Ubuntu 20.04 server and used this command inside my service configuration

ExecStart=/home/unic/ZenonEnv/bin/python3 -m rasa run -i 127.0.0.1 --cors '*' --model /home/unic/Zenon/models/ --endpoints /home/unic/Zenon/endpoints.yml --credentials /home/unic/Zenon/credentials.yml --ssl-certificate /etc/nginx/ssl/mycert.crt --ssl-keyfile /etc/nginx/ssl/myfile.key --ssl-password /etc/nginx/ssl/key.pass

but it didn’t work.

Can you please help me with that?

Regards,

Vangelis