生成证书

客户端和服务端搭建

https

simple-https-server.py

# run as follows: python simple-https-server.py
# then in your browser, visit:
# https://localhost
import ssl
import http.server

serverAddress = ('0.0.0.0', 443)
httpd = http.server.HTTPServer(
    serverAddress, http.server.SimpleHTTPRequestHandler)
httpd.socket = ssl.wrap_socket(
    httpd.socket, certfile='server.cer', server_side=True, keyfile="server.prikey", cert_reqs=ssl.CERT_REQUIRED, ca_certs="ca.cer")  #
httpd.serve_forever()

# cert_reqs=ssl.CERT_REQUIRED 去掉即可浏览器访问

simple-https-client.py

import ssl
import http.client

context = ssl.SSLContext(ssl.PROTOCOL_TLS)
context.load_verify_locations('ca.cer')
context.load_cert_chain(certfile="client.cer", keyfile="client.prikey")
context.verify_mode = ssl.CERT_REQUIRED
context.check_hostname = True

conn = http.client.HTTPSConnection("localhost", context=context)
conn.request("GET", "/")
print(conn.getresponse().read().decode())

sslsocket

验证

ssl文档