Python web service - Allow only TLS 1.1 and 1.2

865 Views Asked by Xavier DSouza At 18 April 2025 at 09:26

We have a python(2.7) web service:
app.py

...
import web
import sys
import argparse
import traceback
from web.wsgiserver import CherryPyWSGIServer
...
URLS = ('/svc/healthcheck', 'Healthcheck')
CherryPyWSGIServer.ssl_certificate = '/etc/appk_service/ssl/ksvc_ssl.crt'
CherryPyWSGIServer.ssl_private_key = '/etc/appk_service/ssl/ksvc_ssl.key'
...
if __name__ == '__main__':
    LOGGER.info('setting env')
    try:
        parser = argparse.ArgumentParser()
        parser.add_argument(
            '--test',
            action='store_const',
            const=setenv_test,
            default=setenv,
            dest='action')
        args, left = parser.parse_known_args()
        args.action()
        sys.argv = sys.argv[:1] + left
    except Exception:
        LOGGER.error(traceback.format_exc())

    LOGGER.info('starting app')
    start()
...
def start():
    '''method to start the application'''
    LOGGER.info('initializing urls')
    app = web.application(URLS, globals())
    app.run(Log)

Now, this is started by specifying the port using the command:

nohup python app.py 9918

Can anyone please suggest where and how can I configure this web service to only allow TLS 1.1 and 1.2
Currently, it also allows SSL 2 and SSL 3 as well. And we need to restrict this to only TLS 1.1 and 1.2 protocols.

Is this something to be handled in code or some config like OS level env. variables?

Original Q&A

Python web service - Allow only TLS 1.1 and 1.2

There are 0 best solutions below

Related Questions in PYTHON

Related Questions in SSL

Related Questions in TLS1.2

Related Questions in CHERRYPY

Related Questions in WSGISERVER

Trending Questions

Popular # Hahtags

Popular Questions