Created
December 3, 2019 13:12
-
-
Save metajiji/30cc252be9b5a5b5788ce88b97aa2bdd to your computer and use it in GitHub Desktop.
self signed certificates
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# | |
# Required OpenSSL 1.1.1, providing subjectAltName directly on command line: | |
# https://security.stackexchange.com/questions/74345/provide-subjectaltname-to-openssl-directly-on-the-command-line | |
# | |
openssl req -x509 \ | |
-nodes \ | |
-subj "/CN=$1" \ | |
-newkey rsa:2048 \ | |
-keyout key.pem \ | |
-out cert.pem \ | |
-addext "subjectAltName=DNS:$1" \ | |
-days 365 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
""" | |
Generate new self signed certificate (Required OpenSSL 1.1.1, providing subjectAltName directly on command line): | |
openssl req -x509 -nodes -subj "/CN=test.localhost" -addext "subjectAltName=DNS:test.localhost" -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 | |
""" | |
import sys | |
import ssl | |
LISTEN_ADDR = 'localhost' | |
LISTEN_PORT = 4443 | |
if sys.version_info.major == 2: | |
import BaseHTTPServer, SimpleHTTPServer | |
httpd = BaseHTTPServer.HTTPServer((LISTEN_ADDR, LISTEN_PORT), SimpleHTTPServer.SimpleHTTPRequestHandler) | |
else: | |
import http.server | |
httpd = http.server.HTTPServer((LISTEN_ADDR, LISTEN_PORT), http.server.SimpleHTTPRequestHandler) | |
httpd.socket = ssl.wrap_socket (httpd.socket, certfile='./cert.pem', keyfile='./key.pem', server_side=True) | |
httpd.serve_forever() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment