|
| https://realpython.com/ |
| Start Here | https://realpython.com/start-here/ |
|
Learn Python
| https://realpython.com/lessons/exploring-https-summary/ |
| Python Tutorials →In-depth articles and video courses | https://realpython.com/search?kind=article&kind=course&order=newest |
| Learning Paths →Guided study plans for accelerated learning | https://realpython.com/learning-paths/ |
| Quizzes & Exercises →Check your learning progress | https://realpython.com/quizzes/ |
| Browse Topics →Focus on a specific area or skill level | https://realpython.com/tutorials/all/ |
| Community Chat →Learn with other Pythonistas | https://realpython.com/community/ |
| Office Hours →Live Q&A calls with Python experts | https://realpython.com/office-hours/ |
| Podcast →Hear what’s new in the world of Python | https://realpython.com/podcasts/rpp/ |
| Books →Round out your knowledge and learn offline | https://realpython.com/products/books/ |
| Reference →Concise definitions for common Python terms | https://realpython.com/ref/ |
| Code Mentor →BetaPersonalized code assistance & learning tools | https://realpython.com/mentor/ |
| Unlock All Content → | https://realpython.com/account/join/ |
|
More
| https://realpython.com/lessons/exploring-https-summary/ |
| Learner Stories | https://realpython.com/learner-stories/ |
| Python Newsletter | https://realpython.com/newsletter/ |
| Python Job Board | https://www.pythonjobshq.com |
| Meet the Team | https://realpython.com/team/ |
| Become a Tutorial Writer | https://realpython.com/write-for-us/ |
| Become a Video Instructor | https://realpython.com/become-an-instructor/ |
| Search | https://realpython.com/search |
| https://realpython.com/search |
| Join | https://realpython.com/account/join/ |
| Sign‑In | https://realpython.com/account/login/?next=%2Flessons%2Fexploring-https-summary%2F |
| Unlock This Lesson | https://realpython.com/account/join/?utm_source=rp_lesson&utm_content=exploring-https-cryptography |
| Unlock This Lesson | https://realpython.com/account/join/?utm_source=rp_lesson&utm_content=exploring-https-cryptography |
| https://realpython.com/courses/exploring-https-cryptography/#team |
| Exploring HTTPS and Cryptography in Python | https://realpython.com/courses/exploring-https-cryptography/ |
| Christopher Trudeau | https://realpython.com/courses/exploring-https-cryptography/#team |
| Recommended Tutorial | https://realpython.com/python-https/ |
| Course Slides (.pdf) | https://realpython.com/courses/exploring-https-cryptography/downloads/https-cryptography-slides/ |
| Sample Code (.zip) | https://realpython.com/courses/exploring-https-cryptography/downloads/https-cryptography-code/ |
| Ask a Question | https://realpython.com/lessons/exploring-https-summary/#discussion |
| https://realpython.com/feedback/survey/course/exploring-https-cryptography/liked/?from=lesson-title |
| https://realpython.com/feedback/survey/course/exploring-https-cryptography/disliked/?from=lesson-title |
| Contents | https://realpython.com/lessons/exploring-https-summary/#description |
| Transcript | https://realpython.com/lessons/exploring-https-summary/#transcript |
| Discussion (5) | https://realpython.com/lessons/exploring-https-summary/#discussion |
| Python Cryptography: Read the Docs | https://cryptography.io/en/latest/ |
| OpenSSL: Cryptography and SSL/TLS Toolkit | https://www.openssl.org/ |
| History of cryptography - Wikipedia | https://en.wikipedia.org/wiki/History_of_cryptography |
| TLS: Transport Layer Security - Wikipedia | https://en.wikipedia.org/wiki/Transport_Layer_Security |
| RSA: (Rivest–Shamir–Adleman) Cryptosystem - Wikipedia | https://en.wikipedia.org/wiki/RSA_[cryptosystem] |
| Modular Arithmetic - Wikipedia | https://en.wikipedia.org/wiki/Modular_arithmetic |
| How does RSA work? - Hackernoon | https://hackernoon.com/how-does-rsa-work-f44918df914b |
| Socket Programming in Python - Real Python article | https://realpython.com/python-sockets/ |
| Running Your Flask Application Over HTTPS - Miguel Grinberg | https://blog.miguelgrinberg.com/post/running-your-flask-application-over-https |
| Unlock This Lesson | https://realpython.com/account/join/?utm_source=rp_lesson_preview&utm_content=exploring-https-cryptography |
| Sign-In | https://realpython.com/account/login/ |
| Unlock This Lesson | https://realpython.com/account/join/?utm_source=rp_lesson_preview&utm_content=exploring-https-cryptography |
| Sign-In | https://realpython.com/account/login/ |
| 00:00 | https://realpython.com/lessons/exploring-https-summary/#t=0.51 |
| Thanks for sticking with me this far! This course has talked about HTTPS, | https://realpython.com/lessons/exploring-https-summary/#t=0.51 |
| I showed you how to build a simple Flask server, the basics behind cryptography, | https://realpython.com/lessons/exploring-https-summary/#t=5.25 |
| how to strengthen your server using Fernet ciphers, | https://realpython.com/lessons/exploring-https-summary/#t=10.32 |
| why asymmetric key exchange and public and private keys are important, | https://realpython.com/lessons/exploring-https-summary/#t=13.56 |
| how to write code in Python to be a Certificate Authority, using the certificates | https://realpython.com/lessons/exploring-https-summary/#t=18.33 |
| generated by your Certificate Authority to host a Flask server using HTTPS, | https://realpython.com/lessons/exploring-https-summary/#t=23.01 |
| and now, I’m going to talk about a couple of simpler ways of generating those | https://realpython.com/lessons/exploring-https-summary/#t=28.56 |
| certificates and provide you with some further reading. | https://realpython.com/lessons/exploring-https-summary/#t=32.159 |
| 00:36 | https://realpython.com/lessons/exploring-https-summary/#t=36.48 |
| This course has taught the long way around as to how to get certificates. | https://realpython.com/lessons/exploring-https-summary/#t=36.48 |
| I did that in the hope that you’d have a better understanding of how the pieces | https://realpython.com/lessons/exploring-https-summary/#t=40.56 |
| fit together. In real life, if you need one of these certificates, | https://realpython.com/lessons/exploring-https-summary/#t=43.89 |
| there’s usually ways around it. First off, if you’re developing in Flask | https://realpython.com/lessons/exploring-https-summary/#t=47.76 |
| it has an 'adhoc' mode. Inside of your code, | https://realpython.com/lessons/exploring-https-summary/#t=51.96 |
| instead of setting the ssl_context to be the public and private keys, | https://realpython.com/lessons/exploring-https-summary/#t=55.74 |
| you can set it to the keyword 'adhoc'. Flask will start the server, it’ll listen on | https://realpython.com/lessons/exploring-https-summary/#t=59.76 |
| HTTPS correctly, and it will generate a certificate on the fly. | https://realpython.com/lessons/exploring-https-summary/#t=65.19 |
| 01:10 | https://realpython.com/lessons/exploring-https-summary/#t=70.38 |
| The problem with 'adhoc' mode is there’s no CA signing cert. | https://realpython.com/lessons/exploring-https-summary/#t=70.38 |
| That means you’ll get a warning message, like this one from Firefox, telling you | https://realpython.com/lessons/exploring-https-summary/#t=74.04 |
| that the certificate is invalid. | https://realpython.com/lessons/exploring-https-summary/#t=78.45 |
| 01:21 | https://realpython.com/lessons/exploring-https-summary/#t=81.0 |
| If you’re just trying to test your code in HTTPS, | https://realpython.com/lessons/exploring-https-summary/#t=81.0 |
| you can accept the risk and continue. Similarly, | https://realpython.com/lessons/exploring-https-summary/#t=83.49 |
| curl has --insecure. Using this parameter, | https://realpython.com/lessons/exploring-https-summary/#t=88.08 |
| you can tell it to ignore whatever certificates come down and just assume | https://realpython.com/lessons/exploring-https-summary/#t=92.16 |
| they’re valid. Using the Flask 'adhoc' mechanism and curl’s --insecure parameter, | https://realpython.com/lessons/exploring-https-summary/#t=96.3 |
| you can skip past all of the certificate generation steps that I showed you in | https://realpython.com/lessons/exploring-https-summary/#t=101.64 |
| the sixth and seventh lessons. Alternatively, | https://realpython.com/lessons/exploring-https-summary/#t=105.6 |
| there’s an open-source library called OpenSSL. | https://realpython.com/lessons/exploring-https-summary/#t=109.35 |
| 01:52 | https://realpython.com/lessons/exploring-https-summary/#t=112.74 |
| It provides tools for using SSL and TLS. It’s available here. | https://realpython.com/lessons/exploring-https-summary/#t=112.74 |
| 01:58 | https://realpython.com/lessons/exploring-https-summary/#t=118.62 |
| This rather long command line asks OpenSSL to generate a certificate. | https://realpython.com/lessons/exploring-https-summary/#t=118.62 |
| As you read through it, you’ll probably notice some phrases that are familiar. | https://realpython.com/lessons/exploring-https-summary/#t=124.29 |
| It’s asking for an X.509 certificate, | https://realpython.com/lessons/exploring-https-summary/#t=127.95 |
| it’s asking to use an RSA key to create it. -out cert.pem and -keyout | https://realpython.com/lessons/exploring-https-summary/#t=130.38 |
| key.pem are the public and private certificate files. | https://realpython.com/lessons/exploring-https-summary/#t=136.17 |
| 02:20 | https://realpython.com/lessons/exploring-https-summary/#t=140.64 |
| This single command does what several hundred lines of code in the examples did. | https://realpython.com/lessons/exploring-https-summary/#t=140.64 |
| 02:26 | https://realpython.com/lessons/exploring-https-summary/#t=146.58 |
| The questions that openssl will ask you when you run this command are the same | https://realpython.com/lessons/exploring-https-summary/#t=146.58 |
| as the answers you would need to fill in the make_x509_name() name function | https://realpython.com/lessons/exploring-https-summary/#t=150.93 |
| in the utils file. | https://realpython.com/lessons/exploring-https-summary/#t=155.16 |
| 02:37 | https://realpython.com/lessons/exploring-https-summary/#t=157.02 |
| The output is a public certificate—in the previous command, | https://realpython.com/lessons/exploring-https-summary/#t=157.02 |
| it was named cert.pem—and a private key—in the previous command | https://realpython.com/lessons/exploring-https-summary/#t=160.41 |
| it was named key.pem. | https://realpython.com/lessons/exploring-https-summary/#t=164.46 |
| 02:46 | https://realpython.com/lessons/exploring-https-summary/#t=166.5 |
| These are the equivalent of server-public-key and server-private-key PEM files | https://realpython.com/lessons/exploring-https-summary/#t=166.5 |
| in your code. | https://realpython.com/lessons/exploring-https-summary/#t=171.09 |
| Essentially what you did in the Python in this lesson is write a subset of what | https://realpython.com/lessons/exploring-https-summary/#t=172.47 |
| openssl provides for you. For your reference, | https://realpython.com/lessons/exploring-https-summary/#t=176.7 |
| here’s some links to some of the tools I’ve talked about in this course. | https://realpython.com/lessons/exploring-https-summary/#t=180.76 |
| 03:04 | https://realpython.com/lessons/exploring-https-summary/#t=184.6 |
| lsof is the list open files command. | https://realpython.com/lessons/exploring-https-summary/#t=184.6 |
| I used it to look at the open ports on my machine. | https://realpython.com/lessons/exploring-https-summary/#t=187.18 |
| There’s a good how-to guide as to how to use that. nmap was the port scanner, | https://realpython.com/lessons/exploring-https-summary/#t=190.6 |
| which is available here. | https://realpython.com/lessons/exploring-https-summary/#t=195.61 |
| 03:17 | https://realpython.com/lessons/exploring-https-summary/#t=197.5 |
| netstat is the Windows equivalent of lsof. You can find out more information on | https://realpython.com/lessons/exploring-https-summary/#t=197.5 |
| it here. This is the Python cryptography documentation, | https://realpython.com/lessons/exploring-https-summary/#t=202.54 |
| Flask’s documentation, the OpenSSL tool, | https://realpython.com/lessons/exploring-https-summary/#t=207.37 |
| and finally, Wireshark. If you want to drill down more, | https://realpython.com/lessons/exploring-https-summary/#t=211.27 |
| here’s some suggested reading. | https://realpython.com/lessons/exploring-https-summary/#t=215.41 |
| 03:37 | https://realpython.com/lessons/exploring-https-summary/#t=217.3 |
| You can get more information on the history of cryptography through the | https://realpython.com/lessons/exploring-https-summary/#t=217.3 |
| Wikipedia page. | https://realpython.com/lessons/exploring-https-summary/#t=220.24 |
| 03:42 | https://realpython.com/lessons/exploring-https-summary/#t=222.4 |
| Wikipedia is also a great place for learning about TLS and RSA. | https://realpython.com/lessons/exploring-https-summary/#t=222.4 |
| Not done yet! | https://realpython.com/lessons/exploring-https-summary/#t=227.65 |
| You can drill down on modular arithmetic inside of Wikipedia, as well. | https://realpython.com/lessons/exploring-https-summary/#t=228.55 |
| 03:53 | https://realpython.com/lessons/exploring-https-summary/#t=233.26 |
| And finally, this is an excellent article on how RSA works. | https://realpython.com/lessons/exploring-https-summary/#t=233.26 |
| I borrowed the numbers in my math explanation from his page. | https://realpython.com/lessons/exploring-https-summary/#t=236.86 |
| It saved me a lot of work. | https://realpython.com/lessons/exploring-https-summary/#t=239.95 |
| 04:02 | https://realpython.com/lessons/exploring-https-summary/#t=242.68 |
| If you’re interested in the TCP layer and how sockets work, | https://realpython.com/lessons/exploring-https-summary/#t=242.68 |
| you can get more information on socket programming in Python in this article. | https://realpython.com/lessons/exploring-https-summary/#t=245.44 |
| Finally, | https://realpython.com/lessons/exploring-https-summary/#t=249.94 |
| you can get more information on using Flask and HTTPS together by reading Miguel | https://realpython.com/lessons/exploring-https-summary/#t=250.42 |
| Grinberg’s blog post. Before signing off, | https://realpython.com/lessons/exploring-https-summary/#t=254.8 |
| I would just like to acknowledge elconomeno, oksmith, and Lad Fury. | https://realpython.com/lessons/exploring-https-summary/#t=259.0 |
| 04:23 | https://realpython.com/lessons/exploring-https-summary/#t=263.62 |
| They all contributed to the public domain with images, and thankfully to them, | https://realpython.com/lessons/exploring-https-summary/#t=263.62 |
| you didn’t have to see my crayon-based stick figure drawings. | https://realpython.com/lessons/exploring-https-summary/#t=268.15 |
| 04:32 | https://realpython.com/lessons/exploring-https-summary/#t=272.44 |
| Thanks for your attention. I hope you’ve enjoyed the course. | https://realpython.com/lessons/exploring-https-summary/#t=272.44 |
| Sept. 14, 2020 | https://realpython.com/lessons/exploring-https-summary/#comment-fa3fb9cb-81aa-473b-bf42-de15cb8bc345 |
| Sept. 14, 2020 | https://realpython.com/lessons/exploring-https-summary/#comment-3c9507c4-3e61-49f6-a8c4-de4654714f49 |
| Jan. 24, 2021 | https://realpython.com/lessons/exploring-https-summary/#comment-c0b7c490-7f74-4d3c-b796-4f04d8401487 |
| Dec. 26, 2021 | https://realpython.com/lessons/exploring-https-summary/#comment-1335f1e5-b297-46fa-8234-3427db956ef6 |
| Sept. 4, 2024 | https://realpython.com/lessons/exploring-https-summary/#comment-560c8406-cfc6-4413-b85b-bb020f437583 |
| Become a Member | https://realpython.com/account/join/ |
| https://realpython.com/lessons/hosting-https-flask/ |
| Overview | https://realpython.com/courses/exploring-https-cryptography/ |
|
Exploring HTTPS and Cryptography in Python (Overview) 11:05
| https://realpython.com/videos/exploring-https-overview/ |
|
Writing a Simple Server 10:20
| https://realpython.com/videos/write-simple-server/ |
|
A Brief Introduction to Cryptography 13:34
| https://realpython.com/lessons/brief-intro-cryptography/ |
|
Using Fernet Ciphers to Secure Your Content 05:46
| https://realpython.com/lessons/using-fernet-ciphers/ |
|
Exchanging Asymmetric Keys 12:56
| https://realpython.com/lessons/asymmetric-keys/ |
|
Creating Public and Private Keys 16:28
| https://realpython.com/lessons/public-private-keys/ |
|
Coding Like a Certificate Authority 09:32
| https://realpython.com/lessons/coding-like-a-ca/ |
|
Hosting HTTPS With Flask 04:03
| https://realpython.com/lessons/hosting-https-flask/ |
|
Exploring HTTPS and Cryptography in Python (Summary) 04:37
| https://realpython.com/lessons/exploring-https-summary/ |
| Privacy Policy | https://realpython.com/privacy-policy/ |
Viewport: width=device-width, initial-scale=1, shrink-to-fit=no, viewport-fit=cover