制作SSL key
生成rsa密钥
openssl genrsa -des3 -out server.key 1024
注意:
Enter pass phrase for server.key:提示需要输入密码;
Common Name (e.g. server FQDN or YOUR name) []:服务器IP
根据密钥生成csr
openssl req -new -key server.key -out server.csr
最后生成crt
openssl req -x509 -days 1024 -key server.key -in server.csr > server.crt
去密码:
openssl rsa -in server.key -out server_no_password.key
最后得到server_no_password.key和server.csr两个文件
创建ssl文件夹,将上述两个文件放入文件夹中
在文件夹同级创建main.py
目录结构如下:
├── main.py
└── ssl
├── server.crt
└── server_no_password.key
Tornado代码编写
import tornado.ioloop, os
from tornado.web import RequestHandler, Application, url, StaticFileHandler
class MainHandler(RequestHandler):
def get(self):
self.write("Hello World")
def make_app():
app = Application(
[
url(r"/", MainHandler),
],
)
return app
def main():
app = make_app()
https_server = tornado.httpserver.HTTPServer(app, ssl_options={
"certfile": os.path.join(os.path.dirname(__file__), "ssl/server.crt"),
"keyfile": os.path.join(os.path.dirname(__file__), "ssl/server_no_password.key")
})
https_server.listen(1234)
io = tornado.ioloop.IOLoop.current()
io.start()
if __name__ == "__main__":
main()
测试:
python3 main.py
在浏览器中输入 https://服务器:1234/后回车
提示警告,忽略后
在浏览器中显示Hello World