HTTPS_MutualAuth/https-server.py (19 lines of code) (raw):
#!/usr/bin/env python3
import http.server
import ssl
def get_ssl_context(certfile, keyfile):
context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
context.load_cert_chain(certfile, keyfile)
context.set_ciphers("@SECLEVEL=1:ALL")
context.load_verify_locations(cafile="server-certs/rootca-cert.pem")
context.verify_mode = ssl.CERT_REQUIRED
# context.verify_mode = ssl.CERT_OPTIONAL
return context
class MyHandler(http.server.SimpleHTTPRequestHandler):
def do_POST(self):
content_length = int(self.headers["Content-Length"])
post_data = self.rfile.read(content_length)
print(post_data.decode("utf-8"))
server_address = ('', 5000)
httpd = http.server.HTTPServer(server_address, MyHandler)
context = get_ssl_context("server-certs/server-cert.pem", "server-certs/server-key.pem")
httpd.socket = context.wrap_socket(httpd.socket, server_side=True)
httpd.serve_forever()