我遇到问题连接ssl套接字代码,其中java客户端只是向python服务器监听发送消息。当我为服务器和客户端运行代码作为localhost时,它工作得很好。如果我在我的嵌入式主板上使用python服务器,以便java客户端可以发送数据,则有一个连接被java拒绝。我使用嵌入式主板的ip创建了自我分配的认证
openssl req -x509 -nodes -days 730 -newkey rsa:2048 -keyout privKey.key -out server.pem -subj /CN=XXX.XX.XX.XXX
我使用以下方法创建了客户端认证:
keytool -keystore clientCert -importcert -alias tS -file client.pem
但它仍然不起作用。
我不认为这是我的代码的问题,因为当我尝试使用与LocalName(HOST)相同的确切代码作为localhost时,连接发生就好了。
这是Python服务器代码:
import time , glob, os, sys
def deal_with_client(connstream):
timestr = time.strftime("%Y-%m-%d_%H-%M-%S")
outfile = open((timestr) + ".wav", 'ab')
data = connstream.recv(1024)
print data
sys.exit(1)
outfile.write(data )
# null data means the client is finished with us
while data:
if not data:
print 'no more data being sent'
break
data = connstream.recv(1024)
outfile.write(data)
# finished with client
def get_IP_Edison(value=basestring):
IP = os.popen(value).read()
tag1 , tag2= IP.find(":") , IP.find("n")
return IP[tag1+1:tag2]
def start_Server():
import ssl,socket
context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) # calling the client context to loaded with
# configs
key , cert = "/home/root/Coding/certificates/server/privKey.key", \
"/home/root/Coding/certificates/server/server.pem" # Key and cert created with OPENSSL
context.load_cert_chain(certfile=cert, keyfile=key) # Load the certifications
value = '''ifconfig | grep "inet " | grep -v 127.0.0.1 | grep -v 192.* | awk '{print $2}' '''
HOST, PORT = get_IP_Edison(value), 50007 # calling the port and host / needs to be of the edison
print "IP of the Edison : " + HOST
bindsocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # create a normal socket
bindsocket.bind((HOST, PORT)) # Bind the socket or create it
bindsocket.listen(5) # make the socket listen on five connections
print 'Listening..'
while True:
newsocket, fromaddr = bindsocket.accept() # accept the connection
print 'accepted connection from' + str(fromaddr)
connstream = context.wrap_socket(newsocket, server_side=True,do_handshake_on_connect=True) # wrap it in socket but make sure keys match
try:
deal_with_client(connstream) # call the receive function to receive file (more details above )
finally:
connstream.shutdown(socket.SHUT_RDWR)
connstream.close()
print 'socket was closed'
def wavFinder():
newest = max(glob.iglob('*.[Ww][Aa][Vv]'), key=os.path.getctime)
return newest
if __name__=='__main__':
start_Server()
wavFileNew = wavFinder()
print wavFileNew
这是我的java代码:
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.io.*;
/**
* Created by admirmonteiro on 2/18/16.
*/
public class testCertEdison {
/** TrustStores which is for the client use**/
final String theServerName = "XXX.XX.XX.XXX";
final int theServerPort = 50007;
// final static String pathToStores = "../../Desktop/SSL_KEY/x509_Java/keyStore/ex/";
final static String pathToStores = "/Users/admirmonteiro/Desktop/SSL_KEY/x509_Java/client/tS";
final static String trustStoreFile = "clientCert" ; // filename
final static String passwd = "admir2006";
public static void main(String args[]) throws Exception {
String trustFileName = pathToStores + "/" + trustStoreFile;
System.setProperty("javax.net.ssl.trustStore",trustFileName);
System.setProperty("javax.net.ssl.trustStorePassword",passwd);
new test_certificate().doClient();
}
void doClient() throws Exception{
SSLSocketFactory sslsf = (SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket sslSocket = (SSLSocket) sslsf.createSocket(theServerName,theServerPort);
OutputStream sslOS = sslSocket.getOutputStream();
sslOS.write("Connected to the stupid thing".getBytes());
sslOS.flush();
sslSocket.close();
}
}
请帮忙,我已经有一段时间了。
答案 0 :(得分:1)
'拒绝连接'意味着没有任何东西正在侦听你试图连接的IP端口。
它与truststores或密钥库或证书或SSL或Python或Java或OpenSSL无关。