A library for integrating pyOpenSSL with CherryPy.
The OpenSSL module must be importable for SSL functionality. You can obtain it from http://pyopenssl.sourceforge.net/
To use this module, set CherryPyWSGIServer.ssl_adapter to an instance of SSLAdapter. There are two ways to use SSL:
- ssl_adapter.context: an instance of SSL.Context.
If this is not None, it is assumed to be an SSL.Context instance, and will be passed to SSL.Connection on bind(). The developer is responsible for forming a valid Context object. This approach is to be preferred for more flexibility, e.g. if the cert and key are streams instead of files, or need decryption, or SSL.SSLv3_METHOD is desired instead of the default SSL.SSLv23_METHOD, etc. Consult the pyOpenSSL documentation for complete options.
- ssl_adapter.certificate: the filename of the server SSL certificate.
- ssl_adapter.private_key: the filename of the server’s private key file.
Both are None by default. If ssl_adapter.context is None, but .private_key and .certificate are both given and valid, they will be read, and the context will be automatically created from them.
A thread-safe wrapper for an SSL.Connection.
*args: the arguments to create the wrapped SSL.Connection(*args).
A wrapper for integrating pyOpenSSL with CherryPy.
Optional. The filename of CA’s intermediate certificate bundle.
This is needed for cheaper “chained root” SSL certificates, and should be left as None if not required.