I'm trying to make a HTTPS web server. Here is my code...
import tornado.escape
import tornado.ioloop
import tornado.web
import tornado.httpserver
import settings
import os
import ssl
class Application(tornado.web.Application):
def __init__(self):
handlers = [
(r'/login', LoginPage),
]
args = {
'template_path': settings.TEMPLATE_PATH,
'static_path': settings.STATIC_PATH,
'debug': True,
'cookie_secret': settings.COOKIE_SECRET,
'login_url': settings.LOGIN_URL,
}
tornado.web.Application.__init__(self, handlers, **args)
class LoginPage(tornado.web.RequestHandler):
def get(self):
self.write("SSL. Yay!")
if __name__ == '__main__':
applicaton = Application()
ssl_options = {'certfile': os.path.join(settings.SSL_PATH, 'certificate.crt'),
'keyfile': os.path.join(settings.SSL_PATH, 'privateKey.key'),
}
http_server = tornado.httpserver.HTTPServer(applicaton, ssl_options=ssl_options)
http_server.listen(8888)
tornado.ioloop.IOLoop.instance().start()
I generated my certificate.crt and privateKey.key using the following command...
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout privateKey.key -out certificate.crt
When I run the server and go to localhost:8888/login I get the following error...
/usr/bin/python2 /home/user/dev/sslserver/main.py
WARNING:root:SSL Error on 9 ('127.0.0.1', 55303): [Errno 1] _ssl.c:509: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request
WARNING:root:SSL Error on 10 ('127.0.0.1', 55304): [Errno 1] _ssl.c:509: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request
WARNING:root:SSL Error on 9 ('127.0.0.1', 55305): [Errno 1] _ssl.c:509: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request
If I remove the ssl_options=ssl_options the webpage displays fine. Am I missing an argument for ssl_options? I'm new to certificates and ssl so any advice on how to get this working would be greatly appreciated. Thanks!
You need to explicitly go to https://localhost:8888
(not just localhost:8888
). Without the https:// prefix, the browser is sending unencrypted http; that's what the "http request" error message from openssl means. You can't serve http and https on the same port, but you can start up a second HTTPServer without ssl_options on a different port.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With