Subsections

9. How to use SSL with CherryPy

9.1 Introduction

There are several ways to make an SSL CherryPy website: Only the second option is covered in this HowTo.

9.2 Prerequisite

CherryPy's SSL support is based on the PyOpenSSL package. You can get it at http://pyopenssl.sourceforge.net. I recommend using version 0.5.1 or higher of PyOpenSSL. Problems have been reported with earlier versions on some platforms.

You can test your installation by firing up the Python interpreter and typing:

>>> import OpenSSL
>>>
If this doesn't work for you, then PyOpenSSL is not correctly installed on your system.

9.3 Configuring the CherryPy server

Once you have PyOpenSSL installed, all you have to do is add 2 lines in your CherryPy config file, in the server section:
sslKeyFile=/path/to/ssl/key/file
sslCertificateFile=/path/to/ssl/certificate/file

And that's it !

A "real-world" sample config file for an SSL site might be:

[server]
socketPort=443
sslKeyFile=server.pkey
sslCertificateFile=server.cert

See About this document... for information on suggesting changes.