simple-https-server.py

# taken from http://www.piware.de/2011/01/creating-an-https-server-in-python/
# generate server.xml with the following command:
#    openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes
# run as follows:
#    python simple-https-server.py
# then in your browser, visit:
#    https://localhost:4443

import BaseHTTPServer, SimpleHTTPServer
import ssl

httpd = BaseHTTPServer.HTTPServer(('localhost', 4443), SimpleHTTPServer.SimpleHTTPRequestHandler)
httpd.socket = ssl.wrap_socket (httpd.socket, certfile='./server.pem', server_side=True)
httpd.serve_forever()

Updated to Python 3.11.4 (http.server module changes, ssl module changes/deprecations)

from http.server import HTTPServer, SimpleHTTPRequestHandler
import ssl
from pathlib import Path

port = 4443

httpd = HTTPServer(("localhost", port), SimpleHTTPRequestHandler)
ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
ssl_context.load_cert_chain(Path(__file__).parent / "server.pem")
httpd.socket = ssl_context.wrap_socket(
    httpd.socket,
    server_side=True,
)

print(f"Serving on https://localhost:{port}")
httpd.serve_forever()

Nice!

Do you guys get it work on 443 port? It works on any other port on my laptop but 443. Though nmap and netstat -tulpn show the port is open, curl and openssl s_client always say connection refused.

@Dragorn421 Thanks for the up-to-date version! 🙂️

How the certfile should look like?
Is it only the cert?
Or ist it a bundle with cert and key?

@schoenid If you look at the command provided in the comment (openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes), both -keyout and -out point to the same file (server.pem), so you get both the private key and the certificate in the same file. You can refer to command man openssl req for more information.

@telmotrooper Many Thanks! This is very helpful.