HowTo: Create an SSL web-server in Twisted (Crude approach, but it works...)

Plumbing Life's Depths

Calendar

Back March '10 Forward
Mo Tu We Th Fr Sa Su
Sat March 20 2010
1 2 3 4 5 6 7
8 9 10 11 12 13 14
15 16 17 18 19 20 21
22 23 24 25 26 27 28
29 30 31        

Quicksearch

Archives

March 2010
February 2010
January 2010
Recent...
Older...

Categories



All categories

Syndicate This Blog

XML RSS 0.91 feed
XML RSS 1.0 feed
XML RSS 2.0 feed
ATOM/XML ATOM 0.3 feed
ATOM/XML ATOM 1.0 feed
XML RSS 2.0 Comments

Blog Administration

Open login screen

Comments

Chris Perkins about Infinite Deployment Docs and OpenID Issues
2010-03-15 17:33
So, A lot of the problems w ith TG stem from repoze.what. We are working on it. I've b een collaborating with G [...]


Mike C. Fletcher about RunSnakeRun 2.0.0b6 (and SquareMap 1.0.0b25) released
2010-03-13 14:54
Thanks. At the moment I haven 't created an icon for the pac kage. Some day I'll hook up t he tablet and draw one : [...]


Dave Malcolm about RunSnakeRun 2.0.0b6 (and SquareMap 1.0.0b25) released
2010-03-12 22:53
Nice work; thanks! FWIW, I' ve packaged both RunSnakeRun a nd SquareMap for Fedora, so it should be possible to i [...]


Mike Fletcher about RunSnakeRun 2.0.0b6 (and SquareMap 1.0.0b25) released
2010-03-12 19:21
Fascinating spam pattern; half of the comments are textbook blog spam (generic comments, t rivially reworded text o [...]


Mike Fletcher about RunSnakeRun 2.0.0b6 (and SquareMap 1.0.0b25) released
2010-03-12 19:05
Thanks, how did that manage to be wrong for so long?


Mike about RunSnakeRun 2.0.0b6 (and SquareMap 1.0.0b25) released
2010-03-12 17:11
I just noticed a typo in your site's subtitle: "Plumblin g Life's Depths" should be "Pl umbing Life's Depths" [...]


Travesti Yeliz about RunSnakeRun 2.0.0b6 (and SquareMap 1.0.0b25) released
2010-03-12 16:29
re-configured to work are unab le to obtain virtualenv mean t hat isn 't possible to develop ?or I've misunderstood y [...]


jacque about Infinite Deployment Docs and OpenID Issues
2010-03-10 10:27
Turbo gear was though a long a waited release and people call ed it very nice but the small problems in it really ma [...]


Marius Gedminas about RunSnakeRun gets a basic source-code-view
2010-03-02 08:56
Thanks!


Mike C. Fletcher about RunSnakeRun gets a basic source-code-view
2010-03-01 22:40
Actually I do use setuptools for RSR. I just haven't yet got out of the Python 2.3 habi t of avoiding "extra" ar [...]


Dave Malcolm about RunSnakeRun gets a basic source-code-view
2010-03-01 19:57
Thanks! That was me.


Marius Gedminas about RunSnakeRun gets a basic source-code-view
2010-03-01 19:14
Oh, you're not using setuptool s/distribute? I got so used t o packages explicitly listing their dependencies in th [...]


Mike Fletcher about RunSnakeRun gets a basic source-code-view
2010-03-01 18:59
Yup, the SquareMap package is a dependency. easy_install Sq uareMap should pull it in. wx Python is also a depende [...]


Marius Gedminas about RunSnakeRun gets a basic source-code-view
2010-03-01 18:49
Release early, release often! (Incidentally, when I easy_ install RunSnakeRun 2.0.0b4, I 'm unable to start it: R [...]


Carl Friedrich Bolz about That didn't go as well as I'd have liked
2010-02-24 10:11
I wasn't actually there, just read the slides. I really like the characterization "PyPy is Shirt Origami research." :-)


Monday, September 27. 2004

HowTo: Create an SSL web-server in Twisted (Crude approach, but it works...)



The Twisted web howto doesn't mention the fairly common task of creating an SSL-secured communications channel for a web server. The process of doing so is fairly simple, but it requires tracking down a few pieces of information, so I've collected them here:

First things first, to create an SSL server, you need a private key file, and an SSL server certificate. Let's assume for the moment that you're a software developer who just wants to get a testing system set up, so you're not going to go to the trouble of getting a formal public certificate, you just want something for testing. OpenSSL can help here. First, we generate a private key file:
openssl genrsa > privkey.pem
Then we generate a self-signed SSL certificate:
openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1000
Okay, that's the first challenge licked. Next thing is to actually create the server. We assume that you've created a site as in the Twisted web howto, so you should now have a site object, and you know the port on which you want to listen. We import the ssl module, create an SSL context for the server, and then call listenSSL on the reactor with our port, site and context:
from twisted.internet import reactor, ssl
sslContext = ssl.DefaultOpenSSLContextFactory(
	'/path/to/privkey.pem', 
	'/path/to/cacert.pem',
)
reactor.listenSSL(
	port, # integer port 
	site, # our site object, see the web howto
	contextFactory = sslContext,
)

There are also facilities in twisted.application for setting up the port given the context and site, but I'm going for the simple to-the-metal approach here to match up with the original howto's introductory example.

in Snaking at 00:35 | Comments (3)
Trackbacks
Trackback specific URI for this entry
No Trackbacks
Comments
Display comments as (Linear | Threaded)

thank you!
#1 Anal on 2007-09-17 08:13 (Reply)
The web howto link is pointed at the wrong place. It should be:

http://twistedmatrix.com/documents/current/web/howto/web-overview.html
#2 Jean-Paul Calderone (Homepage) on 2009-12-03 11:45 (Reply)
Thanks, have tried to recover the content for the 3 Twisted tutorials from 2004 and have updated the URL here.
#2.1 Mike C. Fletcher (Homepage) on 2009-12-03 12:45 (Reply)
Add Comment
Note: If you're here from a DoFollow list, please go elsewhere. This blog is actively monitored and spam removed, and it is now NoFollow rather than DoFollow.
Enclosing asterisks marks text as bold (*word*), underscore are made via _word_.
Standard emoticons like :-) and ;-) are converted to images.
E-Mail addresses will not be displayed and will only be used for E-Mail notifications

To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly.
CAPTCHA