CherryPy Project Download

SslCherry?

SslCherry? is a simple one-page python file that integrates the python package M2Crypto with CherryPy to provide HTTPS support.

Usage

from cherrypy import cpg
import sslcherry

...

cpg.root = Root()
sslcherry.start(configFile='foo.conf')

Your config file should contain something like this:

[server]
sslKeyFile=foo.pem

Where "foo.pem" is a file containing your private key and certificate, in the same format that apache uses.

Security

To quote from the M2Crypto README file:

M2Crypto's handling of active hostile input is probably suspect.

Please consider the implications of this for your site. If you fell uncomfortable about it, consider running BehindApache instead. Even though I wrote this module, I am considering not using it in production.

Bugs

  • The URLs given in cpg.request.base and cpg.request.browserUrl still start with "http://" instead of the correct "https://".
  • Unix domain sockets are not supported.
  • SSL error handling is not done well.
  • M2Crypto does not currently appear to support (or compile for) Python 2.4.

Attachments

Hosted by WebFaction

Log in as guest/cherrypy to create/edit wiki pages