
@shimizukawa
Last active November 19, 2016 08:43
create self signed ssl pem file
pyopenssl
twisted
cherrypy
service_identity
import os, time, tempfile
from twisted.internet import ssl
import OpenSSL
def generate_ssl_pem(cn):
    """Create a self-signed certificate for *cn* and return it as PEM data.

    A fresh key pair is generated, a certificate request is built for the
    common name *cn*, and that request is signed with the same key pair
    under an issuer name that also carries *cn* (hence "self-signed").

    The returned PEM is used by the ``__main__`` block of this file as both
    the certificate and the private-key file, so treat the return value as
    secret material.
    """
    def accept_any_dn(dn):
        # The request was built a few lines below from our own key, so no
        # real policy check is applied to the requested name.
        return True

    # Certificate request.
    subject = ssl.DistinguishedName(commonName=cn)
    # NOTE(review): key type/size and the signing digest are whatever the
    # installed Twisted uses by default -- confirm they are acceptable.
    key = ssl.KeyPair.generate()
    csr = key.certificateRequest(subject)

    # Self-signing. The serial number is the current Unix time in seconds,
    # so two certificates generated within the same second share a serial.
    serial = int(time.time())
    signer = ssl.DistinguishedName(commonName=cn)
    signed = key.signCertificateRequest(signer, csr, accept_any_dn, serial)
    return key.newCertificate(signed).dumpPEM()
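def verify_ssl_pem_file(cn, filename):
    """Return True if *filename* holds a usable certificate issued for *cn*.

    "Usable" here means only: the file exists, the first certificate in it
    parses as PEM, it has not passed its notAfter date, and its subject has
    a CN component equal to *cn*. No chain, signature or key-match check is
    performed.

    Args:
        cn: Expected common name (text or bytes).
        filename: Path of the PEM file to inspect.

    Returns:
        True when the certificate can be reused for *cn*, otherwise False.

    Raises:
        OpenSSL.crypto.Error: if the file exists but is not a PEM
            certificate. This is deliberately not turned into False, so a
            caller never overwrites an unrelated file by mistake.
    """
    if not os.path.exists(filename):
        return False

    # Close the handle deterministically instead of relying on refcounting.
    with open(filename, 'rb') as pem_file:
        pem = pem_file.read()

    cer = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, pem)

    # An expired certificate must not be handed back for reuse.
    if cer.has_expired():
        return False

    # pyOpenSSL returns the subject components as byte strings; compare
    # bytes with bytes so a text *cn* still matches on Python 3.
    wanted = cn if isinstance(cn, bytes) else cn.encode('utf-8')
    return any(
        name == b'CN' and value == wanted
        for name, value in cer.get_subject().get_components()
    )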
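def generate_ssl_pem_file(cn, filename=None):
    """Return the path of a PEM file with a self-signed certificate for *cn*.

    If *filename* is given and already passes ``verify_ssl_pem_file`` for
    *cn*, it is returned untouched. Otherwise a new PEM is generated and
    written to *filename*, or to a new temporary file when no name is given.

    The PEM is used as the server's private-key file as well as its
    certificate, so the target file is restricted to owner read/write.
    The temporary file is created with ``delete=False``; removing it is
    the caller's responsibility.

    Args:
        cn: Common name to issue the certificate for.
        filename: Optional destination path.

    Returns:
        Path of the PEM file.

    Raises:
        OSError: if the destination cannot be opened or its permissions
            cannot be restricted.
    """
    if filename and verify_ssl_pem_file(cn, filename):
        return filename

    # Generate first: a failure here must not leave a truncated PEM behind.
    pem = generate_ssl_pem(cn)

    if filename:
        # Plain open() would create the file with umask-default permissions,
        # typically readable by other local users.
        fd = os.open(filename, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
        f = os.fdopen(fd, 'wb')
        # The mode passed to os.open() only applies when the file is
        # created; tighten a pre-existing file before writing the key.
        os.chmod(filename, 0o600)
    else:
        # NamedTemporaryFile already creates the file owner-only.
        f = tempfile.NamedTemporaryFile(delete=False)
        filename = f.name

    with f:
        f.write(pem)

    # Function-call form prints the same text on Python 2 and Python 3.
    print('SSL: pem generated for %s' % cn)
    return filename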
if __name__ == '__main__':
    # Demo: serve wsgiref's sample application over HTTPS with a freshly
    # generated self-signed certificate.
    from wsgiref.simple_server import demo_app
    from cherrypy.wsgiserver import CherryPyWSGIServer
    from cherrypy.wsgiserver.ssl_builtin import BuiltinSSLAdapter

    domain = 'www.example.com'

    # No filename is passed, so every run writes a new PEM (certificate and
    # private key) to a temporary file that is not removed on exit.
    pemfile = generate_ssl_pem_file(domain)

    # '0.0.0.0' listens on every interface and 443 is a privileged port on
    # most systems. Clients will not trust the self-signed certificate
    # unless it is explicitly pinned or imported.
    listen_on = ('0.0.0.0', 443)
    https = CherryPyWSGIServer(listen_on, demo_app, server_name=domain)

    # The same PEM file serves as certificate and as private key; no
    # certificate chain is supplied.
    https.ssl_adapter = BuiltinSSLAdapter(pemfile, pemfile, None)

    print('Server running as: https://0.0.0.0:443/')
    https.start()