Simple HTTP server supporting SSL secure communications (Python)

2008-08-02T16:04:56-07:00

Python recipe 442473 by Sebastien Martini (https, openssl, ssl, web). Revision 8.

This recipe describes how to set up a simple HTTP server supporting SSL secure communications. It extends the SimpleHTTPServer standard module to support the SSL protocol. With this recipe, only the server is authenticated while the client remains unauthenticated (i.e. the server will not request a client certificate). Thus, the client (typically the browser) will be able to verify the server identity and secure its communications with the server.

This recipe requires you already know the basis of SSL and how to set up OpenSSL. This recipe is mostly derived from the examples provided with the pyOpenSSL package.

In order to apply this recipe, follow these few steps:

Install the OpenSSL package in order to generate key and certificate. Note: you probably already have this package installed if you are under Linux, or *BSD.
Install the pyOpenSSL package, it is an OpenSSL library binding. You'll need to import this module for accessing OpenSSL's components.
Generate a self-signed certificate compounded of a certificate and a private key for your server with the following command (it outputs them both in a single file named server.pem): openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes
Assuming you saved this recipe in SimpleSecureHTTPServer.py, start the server (with the appropriate rights): python SimpleSecureHTTPServer.py
Finally, browse to https://localhost, or https://localhost:port if your server listens a different port than 443.

HTTPS httplib Client Connection with Certificate Validation (Python)

2011-01-18T18:30:45-08:00

Python recipe 577548 by Marcelo Fernández (certificate, client, client_server, httplib, https, networking, ssl, validation).

Despite httplib.HTTPSConnection lets the programmer specify the client's pair of certificates, it doesn't force the underlying SSL library to check the server certificate against the client keys (from the client point of view).

This class allows to force this check, to ensure the python client is connecting to the right server.

Securely processing Twilio requests from Tornado (Python)

2011-10-05T15:29:44-07:00

Python recipe 577893 by Jesse Davis (authentication, http, https, nginx, telephony, tornado, twilio).

Twilio is a telephony service that POSTs to a callback URL on your server and asks you what to do when it receives phone calls or SMSes to the numbers you rent from Twilio. But securing your communications with Twilio can be complex if you're using Tornado behind Nginx. This shows you how to protect your Twilio callback URL with HTTP Authentication, request-signing, and (optionally) SSL.

I'm using HTTP Authentication code from Kevin Kelley, and I wrote the rest myself.

M2Crypto-compatible root certificate list generator (Python)

2010-08-25T00:49:48-07:00

Python recipe 577370 by Mike Ivanov (authority, certificate, cryptography, https, pem, ssl).

This modified version of the Heikki Toivonen's certdata2pem script automatically downloads the freshest certdata.txt file and converts it to PEM format. Requires M2Crypto.

Most viewed recipes tagged "https"

Simple HTTP server supporting SSL secure communications (Python)

In order to apply this recipe, follow these few steps:

HTTPS httplib Client Connection with Certificate Validation (Python)

Securely processing Twilio requests from Tornado (Python)

M2Crypto-compatible root certificate list generator (Python)