How can I implement a secure WebSocket (wss://) server in Python?

Question

I want to serve a real-time stream that has to be securely encrypted due to sensitive data.

I\'ve successfully got normal WebSockets streaming using both gevent and guni

Answer 1

Assuming that you have your app running correctly over non-SSL Tornado WebSockets, change the listen call from:

app.listen(args.listen_port, args.listen_interface) 

to:

app.listen(args.listen_port, args.listen_interface, ssl_options={ 
        "certfile": os.path.join(lib_dir, "mydomain.crt"),
        "keyfile": os.path.join(lib_dir, "mydomain.key"),
    })

where "mydomain.crt" and "mydomain.key" are your usual SSL certificate files, and lib_dir is the directory they live in.

Don't forget to change the client to use "wss:"

Also note that the port you specify in the listen call will still be used if you specify ssl_options. i.e. it will not revert to listening on port 443.