-
openssl genrsa -aes256 -passout pass:SuperSecretPassword -out server.key 2048
-
openssl req -new -key server.key -passin pass:SuperSecretPassword -out server.csr
-
Common Name (e.g. server FQDN or YOUR name) []:localhost
-
openssl x509 -req -passin pass:SuperSecretPassword -days 1024 -in server.csr -signkey server.key -out server.crt
-
openssl rsa -in server.key -out server_no_pass.key -passin pass:SuperSecretPassword
-
'mv server_no_pass.key server.key`
-
cat server.crt server.key > server.pem
-
python server.py
-
curl --cacert keys/server.crt https://localhost:8000
-
ssl.DefaultOpenSSLContextFactory('keys/server.key', 'keys/server.crt')
-
ssl.PrivateCertificate.loadPEM(open('keys/server.pem').read())
-
let Twisted do it for you
endpoints.serverFromString(reactor, 'ssl:443:certKey=keys/server.crt:privateKey=keys/server.key')