Popular Python recipes tagged "https"http://code.activestate.com/recipes/langs/python/tags/https/2011-10-05T15:29:44-07:00ActiveState Code RecipesSecurely processing Twilio requests from Tornado (Python)
2011-10-05T15:29:44-07:00Jesse Davishttp://code.activestate.com/recipes/users/4175348/http://code.activestate.com/recipes/577893-securely-processing-twilio-requests-from-tornado/
<p style="color: grey">
Python
recipe 577893
by <a href="/recipes/users/4175348/">Jesse Davis</a>
(<a href="/recipes/tags/authentication/">authentication</a>, <a href="/recipes/tags/http/">http</a>, <a href="/recipes/tags/https/">https</a>, <a href="/recipes/tags/nginx/">nginx</a>, <a href="/recipes/tags/telephony/">telephony</a>, <a href="/recipes/tags/tornado/">tornado</a>, <a href="/recipes/tags/twilio/">twilio</a>).
</p>
<p>Twilio is a telephony service that POSTs to a callback URL on your server and asks you what to do when it receives phone calls or SMSes to the numbers you rent from Twilio. But securing your communications with Twilio can be complex if you're using Tornado behind Nginx. This shows you how to protect your Twilio callback URL with HTTP Authentication, request-signing, and (optionally) SSL.</p>
<p>I'm using HTTP Authentication code from Kevin Kelley, and I wrote the rest myself.</p>
HTTPS httplib Client Connection with Certificate Validation (Python)
2011-01-18T18:30:45-08:00Marcelo Fernándezhttp://code.activestate.com/recipes/users/4173551/http://code.activestate.com/recipes/577548-https-httplib-client-connection-with-certificate-v/
<p style="color: grey">
Python
recipe 577548
by <a href="/recipes/users/4173551/">Marcelo Fernández</a>
(<a href="/recipes/tags/certificate/">certificate</a>, <a href="/recipes/tags/client/">client</a>, <a href="/recipes/tags/client_server/">client_server</a>, <a href="/recipes/tags/httplib/">httplib</a>, <a href="/recipes/tags/https/">https</a>, <a href="/recipes/tags/networking/">networking</a>, <a href="/recipes/tags/ssl/">ssl</a>, <a href="/recipes/tags/validation/">validation</a>).
</p>
<p>Despite httplib.HTTPSConnection lets the programmer specify the client's pair of certificates, it doesn't force the underlying SSL library to check the server certificate against the client keys (from the client point of view).</p>
<p>This class allows to force this check, to ensure the python client is connecting to the right server.</p>
M2Crypto-compatible root certificate list generator (Python)
2010-08-25T00:49:48-07:00Mike Ivanovhttp://code.activestate.com/recipes/users/4169853/http://code.activestate.com/recipes/577370-m2crypto-compatible-root-certificate-list-generato/
<p style="color: grey">
Python
recipe 577370
by <a href="/recipes/users/4169853/">Mike Ivanov</a>
(<a href="/recipes/tags/authority/">authority</a>, <a href="/recipes/tags/certificate/">certificate</a>, <a href="/recipes/tags/cryptography/">cryptography</a>, <a href="/recipes/tags/https/">https</a>, <a href="/recipes/tags/pem/">pem</a>, <a href="/recipes/tags/ssl/">ssl</a>).
</p>
<p>This modified version of the Heikki Toivonen's certdata2pem script automatically downloads the freshest certdata.txt file and converts it to PEM format. Requires M2Crypto. </p>
Simple HTTP server supporting SSL secure communications (Python)
2008-08-02T16:04:56-07:00Sebastien Martinihttp://code.activestate.com/recipes/users/2637141/http://code.activestate.com/recipes/442473-simple-http-server-supporting-ssl-secure-communica/
<p style="color: grey">
Python
recipe 442473
by <a href="/recipes/users/2637141/">Sebastien Martini</a>
(<a href="/recipes/tags/https/">https</a>, <a href="/recipes/tags/openssl/">openssl</a>, <a href="/recipes/tags/ssl/">ssl</a>, <a href="/recipes/tags/web/">web</a>).
Revision 8.
</p>
<p>This recipe describes how to set up a simple HTTP server supporting SSL secure communications. It extends the SimpleHTTPServer standard module to support the SSL protocol. With this recipe, only the server is authenticated while the client remains unauthenticated (i.e. the server will not request a client certificate). Thus, the client (typically the browser) will be able to verify the server identity and secure its communications with the server.</p>
<p>This recipe requires you already know the basis of SSL and how to set up <a href="http://www.openssl.org">OpenSSL</a>. This recipe is mostly derived from the examples provided with the <a href="http://pyopenssl.sourceforge.net">pyOpenSSL</a> package.</p>
<h5>In order to apply this recipe, follow these few steps:</h5>
<ol>
<li>Install the OpenSSL package in order to generate key and certificate. Note: you probably already have this package installed if you are under Linux, or *BSD.</li>
<li>Install the pyOpenSSL package, it is an OpenSSL library binding. You'll need to import this module for accessing OpenSSL's components.</li>
<li>Generate a self-signed certificate compounded of a certificate and a private key for your server with the following command (it outputs them both in a single file named server.pem):
<code>openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes</code></li>
<li>Assuming you saved this recipe in SimpleSecureHTTPServer.py, start the server (with the appropriate rights):
<code>python SimpleSecureHTTPServer.py</code></li>
<li>Finally, browse to <a href="https://localhost">https://localhost</a>, or <a href="https://localhost:port" rel="nofollow">https://localhost:port</a> if your server listens a different port than 443.</li>
</ol>