Java SSL连接被拒绝

时间:2016-02-25 22:10:03

标签: java tcp network-programming intel-edison

我遇到问题连接ssl套接字代码,其中java客户端只是向python服务器监听发送消息。当我为服务器和客户端运行代码作为localhost时,它工作得很好。如果我在我的嵌入式主板上使用python服务器,以便java客户端可以发送数据,则有一个连接被java拒绝。我使用嵌入式主板的ip创建了自我分配的认证

openssl req -x509 -nodes -days 730 -newkey rsa:2048 -keyout privKey.key -out server.pem -subj /CN=XXX.XX.XX.XXX

我使用以下方法创建了客户端认证:

keytool -keystore clientCert -importcert -alias tS -file client.pem

但它仍然不起作用。

我不认为这是我的代码的问题,因为当我尝试使用与LocalName(HOST)相同的确切代码作为localhost时,连接发生就好了。

这是Python服务器代码:

import time , glob, os, sys

def deal_with_client(connstream):
    timestr = time.strftime("%Y-%m-%d_%H-%M-%S")
    outfile = open((timestr) + ".wav", 'ab')
    data = connstream.recv(1024)
    print data
    sys.exit(1)
    outfile.write(data )
    # null data means the client is finished with us
    while data:
        if not data:
            print 'no more data being sent'
            break
        data = connstream.recv(1024)
        outfile.write(data)
    # finished with client
def get_IP_Edison(value=basestring):
    IP = os.popen(value).read()
    tag1 , tag2= IP.find(":") , IP.find("n")
    return IP[tag1+1:tag2]

def start_Server():
    import ssl,socket

    context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) # calling the client context to loaded with
    # configs
    key , cert = "/home/root/Coding/certificates/server/privKey.key", \
                 "/home/root/Coding/certificates/server/server.pem" # Key and cert created with OPENSSL
    context.load_cert_chain(certfile=cert, keyfile=key) # Load the certifications
    value = '''ifconfig | grep "inet " | grep -v 127.0.0.1 | grep -v 192.* | awk '{print $2}' '''
    HOST, PORT = get_IP_Edison(value), 50007 # calling the port and host / needs to be of the edison
    print "IP of the Edison : " + HOST
    bindsocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # create a normal socket
    bindsocket.bind((HOST, PORT)) # Bind the socket or create it
    bindsocket.listen(5)  # make the socket listen on five connections
    print 'Listening..'
    while True:
        newsocket, fromaddr = bindsocket.accept() # accept the connection
        print 'accepted connection from' + str(fromaddr)
        connstream = context.wrap_socket(newsocket, server_side=True,do_handshake_on_connect=True) # wrap it in socket but make sure keys match
        try:
            deal_with_client(connstream) # call the receive function to receive file (more details above )
        finally:
            connstream.shutdown(socket.SHUT_RDWR)
            connstream.close()
            print 'socket was closed'

def wavFinder():
    newest = max(glob.iglob('*.[Ww][Aa][Vv]'), key=os.path.getctime)
    return newest


if __name__=='__main__':
    start_Server()
    wavFileNew = wavFinder()
    print wavFileNew

这是我的java代码:

import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.io.*;

/**
 * Created by admirmonteiro on 2/18/16.
 */
public class testCertEdison {
    /** TrustStores which is for the client use**/


    final String theServerName = "XXX.XX.XX.XXX";
    final int theServerPort = 50007;
    //   final static String pathToStores = "../../Desktop/SSL_KEY/x509_Java/keyStore/ex/";
    final static String pathToStores = "/Users/admirmonteiro/Desktop/SSL_KEY/x509_Java/client/tS";
    final static String trustStoreFile = "clientCert" ; // filename
    final static String passwd = "admir2006";

    public static void main(String args[]) throws Exception {

        String trustFileName = pathToStores + "/" + trustStoreFile;
        System.setProperty("javax.net.ssl.trustStore",trustFileName);
        System.setProperty("javax.net.ssl.trustStorePassword",passwd);

        new test_certificate().doClient();

    }

    void doClient() throws Exception{
        SSLSocketFactory sslsf = (SSLSocketFactory) SSLSocketFactory.getDefault();
        SSLSocket sslSocket = (SSLSocket) sslsf.createSocket(theServerName,theServerPort);

        OutputStream sslOS = sslSocket.getOutputStream();
        sslOS.write("Connected to the stupid thing".getBytes());
        sslOS.flush();
        sslSocket.close();

    }
}

请帮忙,我已经有一段时间了。

1 个答案:

答案 0 :(得分:1)

'拒绝连接'意味着没有任何东西正在侦听你试图连接的IP端口。

它与truststores或密钥库或证书或SSL或Python或Java或OpenSSL无关。