Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

bottle on cherrypy server + ssl

I am trying to run Bottle on top of Cherrypy's server. I want to get SSL Support.

So far I have tried this:

from bottle import Bottle, route
from cherrypy import wsgiserver

app = Bottle()

@app.route("/")
def index():
  return "Hello"


server = wsgiserver.CherryPyWSGIServer(
            ('0.0.0.0', 443), app)

server.ssl_adapter.private_key = 'server.key'
server.ssl_adapter.certificate = 'server.crt'
server.start()

But the above throws an ArgumentError that I can't set properties on a None object (ssl_adpater). Apparently I need to set the ssl_adapter property to some object that derives from SSLAdapter, but I couldn't find any examples.

I am using Python 2.7 and Cherrypy 3.2.2

Thanks.

like image 490
zyash Avatar asked Apr 30 '12 21:04

zyash


2 Answers

Try using the following:

import web
from web.wsgiserver import CherryPyWSGIServer
from web.wsgiserver.ssl_builtin import BuiltinSSLAdapter

ssl_cert = "path/to/ssl_certificate"
ssl_key = "path/to/ssl_private_key"

CherryPyWSGIServer.ssl_adapter = BuiltinSSLAdapter(ssl_cert, ssl_key, None)
like image 77
BluesRockAddict Avatar answered Nov 15 '22 16:11

BluesRockAddict


I haven't tried the following, but hopefully, it should point you in the right direction.

WSGI is typically for communication between a web server like Apache Httpd and a Python web application, where the requests are handled by the web server and handled by the Python application. Since you want a standalone application, using a WSGI adapter doesn't sound quite right, although this is mentioned in this document (but for an old version of CherryPy).

Newer versions of CherryPy use cherrypy.quickstart(...) for their standalone servers. This sounds more appropriate for your application. I would suggest using a configuration as described on this page, something along these lines:

config={
    'server.socket_port': 443,
    'server.ssl_module':'pyopenssl',
    'server.ssl_certificate':'/.../host.crt',
    'server.ssl_private_key':'/.../host.key',
    'server.ssl_certificate_chain':'/.../ca_certs.crt'
}

cherrypy.config.update(config)
cherrypy.quickstart(...)

This would also be more in line with the _cserver documentation.

(By the way, port 443 is the default for HTTPS, not 433.)

like image 44
Bruno Avatar answered Nov 15 '22 17:11

Bruno