HTTPS/SSL Web Server - moving to cherrypy 3.0

Hi,

I was wondering if there were plans to move to cherrypy 3.0 so that https could be used. I've exposed the server to the outside through my router and would like the authentication to be encrypted along with other data.

[matt (support)]

It is on the longterm ToDo list, but it likely won't be until at least the next major rev (after 2.5, which is about to ship). If you use GoPrism.com, then you can use HTTPS and everything will be encrypted (both from your browser to our hosted GoPrism.com server, and from our GoPrism server to your Mac).

Regards,
Matt

Hi,

Just to let you know I got the server working with the CherryPy 3.1 beta3 including authentication. I use the same certificate I use with my CalendarServer. Minimal testing at this point

Scott

Well, almost -

Everything looks fine, and authenticates but there's not interactivity on the custom page or basic page. Has something to do with cherrypy.server.indigoDb.DeviceTurnOn (and Off presumably)

Will look at it tomorrow.

Ok. Got that one fixed. remote_add method now maps to remote.ip . Back to testing.

[matt (support)]

Great! Keep me posted on the progress. Thanks!

Regards,
Matt

yes, i raise my hand in support of integrated https webserving, too. us diy-ers, you know, we like it all in house....

(hmm, there's a bumper sticker slogan in there somewhere i think...)

Matt,

I've looked at the diffs between b19 and b20 for the webserver and don't see much problem in merging these. My question is

1) Since you haven't decided on the OSS status I don't feel free to 'share' so are you interested in integrating these changes?

2) If so, and since you're making somewhat significant changes to the IndigoWebServer directory is this under svn and is there a way to branch or coordinate that makes sense? (I know a little svn but not much in the way of patches and maintenance)

3) If so, it would be nice to update the Indigo preferences to provide for
a) turning it on
b) preferences to point to ssl_certificate and ssl_private_key files
c) inclusion of default .pem files
d) update Control Pages to know its serving https and modify the URL they launch accordingly

Finally, area's I'm not addressing, of which I'm aware -

1) Prism and compatibility with cherrypy 3 .1 - I assume priwm and https would be mutually exclusive.

2) cherrypy 3 seems to (I've not fully verified the source of the problem) have a speed issue with serving static content so that the loading of the css files seems to take many seconds. Haven't had time to pursue further yet.

[matt (support)]

1) Since you haven't decided on the OSS status I don't feel free to 'share' so are you interested in integrating these changes?

Feel free to distribute these changes if you want. I can host them if you would like, but don't have to. Consider that your official license to distribute.

I will integrate the changes into the next release after 2.5 ships. It is a bit too big of a change to sneak into 2.5 at this point (I'm just about to kick it out the door).

2) If so, and since you're making somewhat significant changes to the IndigoWebServer directory is this under svn and is there a way to branch or coordinate that makes sense? (I know a little svn but not much in the way of patches and maintenance)

Probably best to just hand merge for the time being. I do use SVN (and CVS) internally, but I don't have any type of public access for outside contributions yet.

3) If so, it would be nice to update the Indigo preferences to provide for
a) turning it on
b) preferences to point to ssl_certificate and ssl_private_key files
c) inclusion of default .pem files
d) update Control Pages to know its serving https and modify the URL they launch accordingly

Yes. I'll look into all of these issues (and adding a UI for some of the options) into the next post 2.5 version.

Thanks again for spearheading this project!

Regards,
Matt

If interested an installer for this is at

HTTPS Indigo 2 beta 20 web server installer

[matt (support)]

Great. I'll take a look at integrating it into Indigo after 2.5 is released. Thanks!

Matt

Matt,

FYI, I also edited the templates/ to add a specific link to the favicon. I was having difficulty in getting the favicon to appear in Firefox 2 without doing this.

Hi,

If you downloaded the installer before the time of this post please throw it away and re-download. I had the target of the installer set to / instead of where it should be. Nothing will be harmed by it but you'll have to clean up '/'. This is now corrected.

Apologies.

-Scott

The above link now includes a second installer with both Cherrypy 3.1beta and Cheetah 2.0.1. I'm trying to go toward pre-compiled templates to speed up the initial load time and maybe overall performance. A lot more to understand before moving fully in that direction.

[matt (support)]

FYI, the 3.0.6 release now uses CherryPy 3.1 and Cheetah 2.0.1. HTTPS/SSL is not yet turned on or supported by Indigo, but this is step in that direction. The IndigoWebServer now uses multiple threads and should be more responsive and reliable because of both of these upgrades.

Regards,
Matt