hunchentoot define-easy-handler with ssl?

自闭症患者 2021-01-13 23:51

I use define-easy-handler all the time. I now have a freshly minted ssl certificate and associated pem files, but can't figure out what the ssl equivalent of d-e-h is.

2 Answers
  • 2021-01-13 23:52

    This is not a function of the handlers but of the acceptor. All you need to do is use an easy-ssl-acceptor instead of an easy-acceptor for starting your server:

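    (hunchentoot:start (make-instance 'hunchentoot:easy-ssl-acceptor :port 4242 ; placeholder paths below
                                      :ssl-certificate-file #P"/path/to/cert.pem" :ssl-privatekey-file #P"/path/to/key.pem"))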
    
  • 2021-01-14 00:12

    You can keep your easy-handlers and change the type of acceptor you need.

    (defpackage :web (:use :cl :hunchentoot))
    (in-package :web)
    
    ;; This url can be accessed by all acceptors
    (define-easy-handler (no-ssl :uri "/normal") ()
      (setf (content-type*) "text/plain")
      "NORMAL PAGE")
    
    ;; This url can be accessed only by an acceptor named SSL
    (define-easy-handler (ssl :uri "/secure" :acceptor-names '(ssl)) ()
      (setf (content-type*) "text/plain")
      "SECURED PAGE")
    

    For tests, if you don't already have a self-signed certificate, you can do:

    $ cd /tmp
    $ openssl req -new -x509 -nodes -out server.crt -keyout server.key
    

    Then, we define two kinds of acceptors:

    (defvar *no-ssl-acceptor*
      (make-instance 'easy-acceptor :port 8080))
    
    (defvar *ssl-acceptor*
      (make-instance 'easy-ssl-acceptor
                     :name 'ssl
                     :port 7777
                     :ssl-privatekey-file  #P"/tmp/server.key"
                     :ssl-certificate-file #P"/tmp/server.crt"))
    

    Start them:

    (start *ssl-acceptor*)
    (start *no-ssl-acceptor*)
    

    Your browser should complain the first time you try to access HTTPS pages (ignore the security exception).

    • http://localhost:8080/normal
    • http://localhost:8080/secure (should fail with 404)
    • https://localhost:7777/normal
    • https://localhost:7777/secure

    Note also that the :acceptor-names argument is optional (thanks @Simeon Ikudabo), here above it was added explicitly for the examples. You can just define an SSL acceptor and let all your pages be served over a secure link.

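The test-certificate step from the second answer, scripted so it runs without prompts and checks its own output before the acceptor is started. This is an added example, not code from either answer; the function names, the `localhost` subject, the 30-day lifetime and the use of `-addext` (OpenSSL 1.1.1 or later) are assumptions.

```shell
#!/bin/sh
# Added example: scripted form of the answer's `openssl req` test-certificate step.
# CN, SAN, lifetime and function names are assumptions for a localhost test setup.

# make_test_cert DIR: write DIR/server.key and DIR/server.crt without prompting.
make_test_cert() {
    dir=$1
    (
        umask 077   # new files are owner-only; -nodes leaves the key unencrypted
        mkdir -p "$dir" &&
        openssl req -new -x509 -nodes -newkey rsa:2048 -days 30 \
            -subj "/CN=localhost" \
            -addext "subjectAltName=DNS:localhost" \
            -keyout "$dir/server.key" -out "$dir/server.crt" 2>/dev/null
    )
}

# cert_matches_key CRT KEY: succeed only if both files carry the same public key.
cert_matches_key() {
    crt_pub=$(openssl x509 -in "$1" -noout -pubkey) || return 2
    key_pub=$(openssl pkey -in "$2" -pubout) || return 2
    [ "$crt_pub" = "$key_pub" ]
}

# key_is_owner_only FILE: succeed only if group and others have no access bits.
key_is_owner_only() {
    case $(ls -ld "$1") in
        -???------*) return 0 ;;
        *)           return 1 ;;
    esac
}
```

Point `:ssl-privatekey-file` and `:ssl-certificate-file` at the generated files, and run both checks before `(start *ssl-acceptor*)`.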