forked from pauljt/BleBrowser
-
Notifications
You must be signed in to change notification settings - Fork 39
/
https.py
69 lines (51 loc) · 2.36 KB
/
https.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
"""
Run an HTTPS server serving the contents of the directory.
You'll need to generate a key and certificate file. On a Mac you should do this by following
the instructions in:
https://developer.apple.com/library/archive/technotes/tn2326/_index.html
First "Creating a Certificate Authority" and then "Issuing a [server] Digital Identity"
This will generate a self-signed root Certificate Authority (CA) certificate and a signed server
certificate (digital identity) to be used by your server.
You then need to export the certificate authority certificate
as a .cer file through KeyChain by
- right click the CA certificate
- hit Export...
- select the .cer format
Then add it to you test iOS device by
- emailing it to yourself
- tapping on the .cer attachment
- installing it and trusting it
- enabling it through Settings -> General -> About -> Certificate Trust Settings
Then you need to export the signed server cert, this time using format
"Personal Information Exchange" (.p12) so that it includes the private key, then convert it to
pem using openssl like this:
openssl pkcs12 -in your-export.p12 -nocerts -nodes -out your-server.key
openssl pkcs12 -in your-export.p12 -nokeys -nodes -out your-server.cer
You can then run this server like this:
python3 https.py --port 4443 your-server.key your-server.cer
By default this listens to all addresses by using the ipv6 null address :: – this *also* listens
for ipv4 connections (!).
"""
import argparse
import http.server
import socket
import ssl
class HTTPServerV6(http.server.HTTPServer):
address_family = socket.AF_INET6
if __name__ == '__main__':
parser = argparse.ArgumentParser(description='Run an HTTPS server to serve your current directory')
parser.add_argument('keyfile')
parser.add_argument('certfile')
parser.add_argument('--host', default='')
parser.add_argument('--port', type=int, default=4443)
args = parser.parse_args()
print(f'Using keyfile {args.keyfile}')
print(f'Using certificate {args.certfile}')
httpd = HTTPServerV6(
(args.host, args.port), http.server.SimpleHTTPRequestHandler
)
print(f'Listening on address {httpd.server_address}')
context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
context.load_cert_chain(args.certfile, keyfile=args.keyfile)
httpd.socket = context.wrap_socket(httpd.socket, server_side=True)
httpd.serve_forever()