Using SSL Certificate, PrivateKey, CertChains with Python Flask/Twisted

1-twisted-https.py

from OpenSSL.crypto import load_privatekey, load_certificate, FILETYPE_PEM
#from OpenSSL.SSL import SSLv3_METHOD
from twisted.internet import reactor
from twisted.internet.ssl import CertificateOptions, DefaultOpenSSLContextFactory, DiffieHellmanParameters
from twisted.web import proxy, server
from twisted.python.filepath import FilePath

sample_site = server.Site(proxy.ReverseProxyResource('localhost', 80, ''))  # ignore it.

# AES256-SHA
#certOptions = DefaultOpenSSLContextFactory('server.key', 'server.crt')

# ECDHE-RSA-AES256-SHA
certOptions = CertificateOptions(
  privateKey=load_privatekey(FILETYPE_PEM, FilePath("private.key").getContent()),  # PKey Object
  certificate=load_certificate(FILETYPE_PEM, FilePath("server.crt").getContent()),  # X509 Object
#  method=SSLv3_METHOD,
  dhParameters=DiffieHellmanParameters.fromFile(FilePath('dh_param_1024.pem')),
  extraCertChain=[load_certificate(FILETYPE_PEM, FilePath(filename).getContent()) for filename in ("chain1.crt", "chain2.crt", "chain3.crt")]
)
reactor.listenSSL(443, sample_site, certOptions)
reactor.run()

2-flask-https.py

from flask import Flask
app = Flask(__name__)
app.run('0.0.0.0', port=443, ssl_context=('merged.crt','private.key'))  # cat server.crt chain1.crt chain2.crt ... > merged.crt

To generate dh_param_1024.pem, check this out : http://twistedmatrix.com/documents/current/api/twisted.internet.ssl.DiffieHellmanParameters.html
To understand CertificateOptions more,
http://twistedmatrix.com/documents/current/api/twisted.internet.ssl.CertificateOptions.html
http://stackoverflow.com/questions/26145252/twisted-python-using-ssl-certificateoptions-when-switching-from-plain-text-to-s#comment41047350_26148140

For the extraCertChain, hierarchically ordered certificate files.
(I'm not sure what if it wasn't ordered.)

SSLv3 was disabled. (DisableSSL3.com)