Tuesday, November 11, 2008

HTTPS and the PLT Web Server

Most of today's updates to the PLT Web Server were internal refactorings that will make some of the bigger upcoming changes easier. However, one change is public, and very nice.

It is often desirable to run an HTTPS server with your application. The PLT Web Server has always supported this, because its TCP implementation is parameterized. However, it was not nearly easy enough to actually use that flexibility, unless you were a Scheme warrior, like Eli Barzilay, who used it to implement the handin-server.

For that reason I've integrated running the PLT Web Server in HTTPS into the plt-web-server command-line tool:

plt-web-server --ssl

And you've got yourself an HTTPS server on port 443. You can override that too:

plt-web-server --ssl -p 8443

The only thing you need to do is create a private-key.pem and server-cert.pem in the directory you run the PLT Web Server in, and you're good to go. Instructions to create those are included in the FAQ on HTTPS.
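As an added example (not taken from this post or from the PLT FAQ), the shell functions below use OpenSSL to create a self-signed private-key.pem and server-cert.pem for local testing and then verify the pair before the server is started. The function names, the 2048-bit RSA key, the 30-day lifetime and the unencrypted key file are assumptions made here, not requirements stated by the PLT Web Server.

```shell
#!/bin/sh
# Added example: prepare and sanity-check the two files that
# `plt-web-server --ssl` expects in its working directory.
# Function names and key parameters are hypothetical choices.

# make_dev_cert DIR [CN]
# Writes DIR/private-key.pem and DIR/server-cert.pem (self-signed).
make_dev_cert() {
    dir=$1
    cn=${2:-localhost}
    # umask 077 so the key never exists with group/other access.
    ( umask 077
      openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 30 \
          -subj "/CN=$cn" \
          -keyout "$dir/private-key.pem" \
          -out "$dir/server-cert.pem" 2>/dev/null ) || return 1
    chmod 600 "$dir/private-key.pem"
    chmod 644 "$dir/server-cert.pem"
}

# check_pair DIR
# Returns 0 if the pair is usable, otherwise:
#   1 = a file is missing or unreadable
#   2 = the certificate does not belong to the private key
#   3 = the certificate expires within 24 hours (or already has)
#   4 = the private key is accessible to group or other
check_pair() {
    key=$1/private-key.pem
    cert=$1/server-cert.pem
    [ -r "$key" ] && [ -r "$cert" ] || return 1

    # Both commands emit the public key as PEM; the text must be identical.
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || return 2
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || return 2
    [ -n "$key_pub" ] && [ "$key_pub" = "$cert_pub" ] || return 2

    openssl x509 -in "$cert" -noout -checkend 86400 >/dev/null 2>&1 || return 3

    # Characters 5-10 of the mode string are the group and other bits.
    [ "$(ls -ld "$key" | cut -c5-10)" = "------" ] || return 4
    return 0
}
```

Run `make_dev_cert . && check_pair .` in the directory from which the server is launched; a self-signed certificate produced this way will not be trusted by browsers and is only suitable for testing.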

2 comments:

steck said...

You should add a synonym flag, --tls, because that's the current name of the standard.

Which version of SSL/TLS does the PLT server actually support? SSL v2 is known to have a security hole, while SSL v3 and TLS v1 and v1.1 should be fine.

-- Paul

Jay McCarthy said...

Thanks for the advice, Paul. It supports v2, v3, and TLS v1. It links into the OpenSSL FFI for PLT.