I've looked for information about implmenting a Twisted web server with SSL, but came up short. A quick scan of mail on this list for the past year doesn't have any discussion about SSL, or I may have just overlooked it. David Mertz's Linux Zone article, which is otherwise complimentary, doesn't appear too encouraging: http://gnosis.cx/publish/programming/twisted_4.html "Twisted does come with an SSL framework; however, as with most things in Twisted, exactly how it might work is poorly documented -- I tried downloading two likely support packages to try to get the Twisted v.1.0.6 script test_ssl.py to work (see Resources). I am sure that with some version of the right 3rd party libraries (and some Twisted version) -- and perhaps after corrections to erroneous examples -- it is possible to use SSL with Twisted, but I have not done so for this article." -Jeff
On Feb 4, 2005, at 12:56 PM, Jeff Bauer wrote:
I've looked for information about implmenting a Twisted web server with SSL, but came up short. A quick scan of mail on this list for the past year doesn't have any discussion about SSL, or I may have just overlooked it.
There's probably no discussion, because it just works. # Standard startup procedure for HTTP port (you need to have setup site above, of course) application = service.Application("web") i = internet.TCPServer(8080, site) i.setServiceParent(service.IServiceCollection(application)) # Add two more lines to start a HTTPs port. (you'll need to have made your ssl key/crt beforehand) i = internet.SSLServer(8081, site, ssl.DefaultOpenSSLContextFactory("ssl.key", "ssl.crt")) i.setServiceParent(service.IServiceCollection(application)) James
On Fri, 2005-02-04 at 14:58 -0500, James Y Knight wrote:
On Feb 4, 2005, at 12:56 PM, Jeff Bauer wrote:
I've looked for information about implmenting a Twisted web server with SSL, but came up short. A quick scan of mail on this list for the past year doesn't have any discussion about SSL, or I may have just overlooked it.
There's probably no discussion, because it just works.
# Standard startup procedure for HTTP port (you need to have setup site above, of course) application = service.Application("web") i = internet.TCPServer(8080, site) i.setServiceParent(service.IServiceCollection(application))
# Add two more lines to start a HTTPs port. (you'll need to have made your ssl key/crt beforehand) i = internet.SSLServer(8081, site, ssl.DefaultOpenSSLContextFactory("ssl.key", "ssl.crt")) i.setServiceParent(service.IServiceCollection(application))
There's also twisted.application.strports which, in my opinion, makes this even easier: # HTTP on port 8080 s = strports.service('tcp:8080', site) s.setServiceParent(application) # HTTPS on port 8443 s = strports.service('ssl:8443:privateKey=ssl.key:certKey=ssl.crt', site) s.setServiceParent(application) Cheers, Matt
On Fri, Feb 04, 2005 at 02:58:47PM -0500, James Y Knight wrote:
# Add two more lines to start a HTTPs port. (you'll need to have made your ssl key/crt beforehand)
Here an example of this (which is the only non trivial bit): from twisted.internet import ssl from OpenSSL import SSL ssl_context = ssl.DefaultOpenSSLContextFactory(config.get('https_privkey'), config.get('https_cert'), SSL.SSLv23_METHOD,) internet.SSLServer(int(config.get('https_port')), nevow_site, ssl_context, backlog = int(config.get('https_backlog')), interface = config.get('https_interface'),).setServiceParent(service_collection)
participants (4)
-
Andrea Arcangeli -
James Y Knight -
Jeff Bauer -
Matt Goodall