Receive SSL Request Flask In Python Issue

Question

This is a port listener trying to receive an SSL Request using the python script below. It is failing in the OpenSSL module. Only SSL request will be coming to this location.

Python Script:

import logging

from OpenSSL import SSL

log = logging.getLogger()
log.setLevel(logging.DEBUG)

log_path = 'C:\\Temp\\Receive SSL Request Flask.log'
formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
fh = logging.FileHandler(log_path)
fh.setFormatter(formatter)
log.addHandler(fh)

from flask import Flask, request, make_response, Response
app = Flask(__name__)

@app.route('/', defaults={'path':''})
@app.route('/<path:path>', methods=['GET', 'POST'])
def handle(path):
    try:
        log.info('Path: ' + path)
        log.info(' ')

        if path == 'Client':
            request_stream = str(request.stream.read())
            log.info('Request Stream *(Original): ' + request_stream)
            log.info(' ')

            return Response("{'msg':'Received SSL Request','success':True}")
    except Exception as e:
        log.debug('Exception: ' + str(e))

def main_process():
    try:
        context = SSL.Context(SSL.SSLv3_METHOD)
        context.use_privatekey_file('C:\\Temp\\server.key')
        context.use_certificate_file('C:\\Temp\\sever.crt')

        app.run('0.0.0.0', debug=True, port=80, ssl_context=('C:\\Temp\\server.crt', 'C:\\Temp\\server.key') )
    except KeyboardInterrupt:
        log.info("^C Caught, Shutting Down...")
    finally:
        log.info("GoodBye!!!")

if __name__ == "__main__":
    main_process()

Stack Trace:

Traceback (most recent call last):
  File "C:\Temp\Receive SSL Request Flask.py", line 46, in <module>
    main_process()
  File "C:\Temp\Receive SSL Request Flask.py", line 37, in main_process
    context.use_certificate_file('C:\\Temp\\sever.crt')
  File "C:\Python34\lib\site-packages\OpenSSL\SSL.py", line 391, in use_certific
ate_file
    _raise_current_error()
  File "C:\Python34\lib\site-packages\OpenSSL\_util.py", line 22, in exception_f
rom_error_queue
    raise exceptionType(errors)
OpenSSL.SSL.Error: [('system library', 'fopen', 'No such file or directory'), ('
BIO routines', 'FILE_CTRL', 'system lib'), ('SSL routines', 'SSL_CTX_use_certifi
cate_file', 'system lib')]

Any help would be greatly appreciated...

Answer 1

In "main_process" function there is a line that reads:

context.use_certificate_file('C:\\Temp\\sever.crt')

I think "C:\\Temp\\sever.crt" should be "C:\\Temp\\server.crt" (notice the r in server)

Code works fine.

I used the following shell commands in my tmp directory to generate my own self-signed SSL certificate:

openssl genrsa -des3 -out server.key 1024
openssl req -new -key server.key -out server.csr
cp server.key server.key.org 
openssl rsa -in server.key.org -out server.key
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

Then using the follow code: (I changed it just a bit to work on Linux)

import logging
import os


from OpenSSL import SSL

log = logging.getLogger()
log.setLevel(logging.DEBUG)

log_path = os.getcwd() + '/tmp/ssl_flask_demo_log.log'
formatter = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
fh = logging.FileHandler(log_path)
fh.setFormatter(formatter)
log.addHandler(fh)

from flask import Flask, request, make_response, Response
app = Flask(__name__)

@app.route('/', defaults={'path':''})
@app.route('/<path:path>', methods=['GET', 'POST'])
def handle(path):
    try:
        log.info('Path: ' + path)
        log.info(' ')

        if path == 'Client':
            request_stream = str(request.stream.read())
            log.info('Request Stream *(Original): ' + request_stream)
            log.info(' ')

            return Response("{'msg':'Received SSL Request','success':True}")
        else:
            return Response("{'msg'}:'Not a client', 'success':True}")
    except Exception as e:
        log.debug('Exception: ' + str(e))
        return "YOU CAUSED AN EXCEPTION. GOOD JOB...", str(e)
    return "...How..are you seeing this?"

def main_process():
    try:
        pkey    = os.getcwd() + '/tmp/server.key'
        cert    = os.getcwd() + '/tmp/server.crt'
        context = SSL.Context(SSL.SSLv3_METHOD)
        context.use_privatekey_file(pkey)
        context.use_certificate_file(os.getcwd() + '/tmp/server.crt')
        port = 5002
        print "visit https://localhost:" + str(port)
        app.run(debug=True, port=port, ssl_context=(cert, pkey) )

    except KeyboardInterrupt:
        log.info("^C Caught, Shutting Down...")
    finally:
        log.info("GoodBye!!!")

if __name__ == "__main__":
    main_process()