Tornado: How to securely store SSL certificate?

768 views Asked by At

I currently have my crt and key files stored locally. This is the code for my tornado server:

import tornado.httpserver
import tornado.ioloop
import tornado.web
from flasky import app
from tornado.wsgi import WSGIContainer
from tornado.ioloop import IOLoop
from tornado.web import FallbackHandler

tr = WSGIContainer(app)

application = tornado.web.Application([
    (r".*", FallbackHandler, dict(fallback=tr)),
])

if __name__ == '__main__':
    http_server = tornado.httpserver.HTTPServer(application, ssl_options={
        "certfile": "C:/Source/cert/certificate.crt",
        "keyfile": "C:/Source/cert/keyfile-decrypted.key",
    })
    http_server.listen(8080)
    IOLoop.instance().start()

Is there a way I can cache the keyfile? Or store it in some keyvault? If it can be done using keyvault, what commands do i need to run to store it and later access it on python? I'm not sure what are the best security practices concerning this?

0

There are 0 answers