Hello,
I just pushed a patch to happstack-server which adds support for https://.
I would love to get some feedback before I make a release on hackage. To enable https:// you simply need to add a valid TLSConf to the Conf that you pass to simpleHTTP.
Additionally, there are two new routing combinators,
> http :: (ServerMonad m, MonadPlus m) => m ()
> https :: (ServerMonad m, MonadPlus m) => m ()
https is enabled by default but can be disable by running configure with the -fdisable-https flag.
You can generate self-signed certificate by following these directions:
Note that when you are testing https:// on a non-standard port (such as 8443) you need to change both http:// -> https:// and :8000 -> :8443 in the url. If you only change one or the other it won't work.
Here is a very simple working example:
--------------------------------------
module Main where
import Control.Monad (msum)
import Happstack.Server
conf :: Conf
conf = nullConf { tls = Just $ TLSConf { tlsPort = 8443 -- port to listen on for https://
, tlsCert = "ssl/test.crt" -- path to ssl certificate
, tlsKey = "ssl/test.key" -- path to ssl private key
}
}
main :: IO ()
main =
simpleHTTP conf $ msum
[ dir "favicon.ico" $ notFound (toResponse ()) -- route matches http:// or https://
, msum [ do http -- this route will only match http://
ok $ toResponse "This is so insecure."
, do https -- this route will only match https://
ok $ toResponse "It's all secure!"
]
]
----------------------------------------
Any and all feedback would be appreciated. Everything about this is still open to change.
Also, it would be nice if someone looked over the implementation to make sure I did it right and have not created a false sense of security.
The key modules are:
Happy hacking!
- jeremy