BaseHTTPServer cannot be instantiated with port 443. I guess this is prevented to avoid collision with some other https services.
Therefore, I've tried to define SNI to this server using the following code, but it still fails...
Here's the server establishment code , I ran it from Windows cmd with administrator rights:
httpd = BaseHTTPServer.HTTPServer(("192.168.22.23", 443), MyRequestHandler)
tls_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
tls_context.load_cert_chain(certfile='./cert.csr')
tls_context.set_servername_callback(verify_tls)
httpd.socket = tls_context.wrap_socket(httpd.socket, do_handshake_on_connect=True, server_side=True)
httpd.socket.settimeout(30)
httpd.serve_forever()
here's the command that fails :
httpd = BaseHTTPServer.HTTPServer(("192.168.22.23", 443), MyRequestHandler)
and the output :
c:\python27\lib\SocketServer.pyc in __init__(self, server_address, RequestHandlerClass, bind_and_activate)
415 if bind_and_activate:
416 try:
--> 417 self.server_bind()
418 self.server_activate()
419 except:
c:\python27\lib\BaseHTTPServer.pyc in server_bind(self)
106 def server_bind(self):
107 """Override server_bind to store the server name."""
--> 108 SocketServer.TCPServer.server_bind(self)
109 host, port = self.socket.getsockname()[:2]
110 self.server_name = socket.getfqdn(host)
c:\python27\lib\SocketServer.pyc in server_bind(self)
429 if self.allow_reuse_address:
430 self.socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
--> 431 self.socket.bind(self.server_address)
432 self.server_address = self.socket.getsockname()
433
c:\python27\lib\socket.pyc in meth(name, self, *args)
226
227 def meth(name,self,*args):
--> 228 return getattr(self._sock,name)(*args)
229
230 for _m in _socketmethods:
error: [Errno 10013] An attempt was made to access a socket in a way forbidden by its access permissions
any idea how to define my server on 443 without getting this error ?
thanks
BaseHTTPServer cannot be instantiated with port 443. I guess this is prevented to avoid collision with some other https services.
Yes, the error "error: [Errno 10013] An attempt was made to access a socket in a way forbidden by its access permissions" indicates such a problem.
Therefore, I've tried to define SNI to this server using the following code, but it still fails...
The problem is not at the TLS layer at all and thus doing something at this layer (i.e. SNI) will not help. The problem is at the TCP layer: it cannot bind to port 443 because this already in use by some other process. The only way to fix this is to make sure that there is no other process using this port.