Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Python Simple SSL Socket Server

Tags:

python

openssl

Just trying to set up a simple SSL server. I have never had anything SSL work for me in the past. I have a loose understanding of how SSL certificates and signing.

The code is simple

import socket, ssl

context = ssl.SSLContext(ssl.PROTOCOL_TLSv1)
context.load_cert_chain(certfile="mycertfile") ###############

bindsocket = socket.socket()
bindsocket.bind(('', 2099))
bindsocket.listen(5)

while True:
    newsocket, fromaddr = bindsocket.accept()
    sslsoc = context.wrap_socket(newsocket, server_side=True)
    request = sslsoc.read()
    print(request)

The line in there with the ###s after it is the one that isnt working. I don't know what I have to do with openssl to generate a PEM file that will work here.

Can anyone enlighten me as to how to make this simple socket work.

By the way, this is NOT used for HTTP.

like image 243
Caprin Avatar asked Jun 29 '12 03:06

Caprin

1 Answers

you can use this command to generate a self-signed certificate

openssl req -new -x509 -days 365 -nodes -out cert.pem -keyout cert.pem

the openssl framework will ask you to enter some information, such as your country, city, etc. just follow the instruction, and you will get a cert.pem file. the output file will have both your RSA private key, with which you can generate your public key, and the certificate. the output file looks like this:

-----BEGIN RSA PRIVATE KEY-----
 # your private key
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
 # your certificate
-----END CERTIFICATE-----

just load it, and the ssl module will handle the rest for you:

context.load_cert_chain(certfile="cert.pem", keyfile="cert.pem")

btw, there is no "SSLContext" in python2. for guys who are using python2, just assign the pem file when wrapping socket:

newsocket, fromaddr = bindsocket.accept()
connstream = ssl.wrap_socket(newsocket,
                             server_side=True,
                             certfile="cert.pem",
                             keyfile="cert.pem",
                             ssl_version=YOUR CHOICE)

available ssl version: ssl.PROTOCOL_TLSv1, ssl.PROTOCOL_SSLv2, ssl.PROTOCOL_SSLv3, ssl.PROTOCOL_SSLv23. if you have no idea, ssl.PROTOCOL_SSLv23 may be your choice as it provides the most compatibility with other versions.

like image 155
Brian Avatar answered Nov 17 '22 00:11

Brian
Sign in to Comment

Related questions

Python: Converting GIF frames to PNG
Python ctypes argument errors
Can pip use existing packages rather than downloading again?
python logging to multiple files
How to run a python script at a specific time(s)
Multiprocessing Queue in Python
Python, checksum of a dict
General techniques to work with huge amounts of data on a non-super computer
Check if a string is a possible abbrevation for a name
Controlling Yaml Serialization Order in Python
How to move a camera in Blender 2.61 with Python
SQLAlchemy "event.listen" for all models
How to make my SWIG extension module work with Pickle?
Looping over subset in Jinja
how do I compute a weighted moving average using pandas
Locking sqlite file on NFS filesystem possible?
Django static files won't load
display two png images simultaneously using pylab
Books for OpenCV and Python? [closed]
Running OpenCV from a Python virtualenv

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!