Java SSL连接被拒绝

Question

I am having problem connection ssl socket code where java client is simply sending a message to the python server listening. When I run the code as localhost for both server and client, it works just fine. If I use the python server on my embedded board so the java client can send it data, there is a connection refused from java. I created the self assigned certifications with the ip of the embedded board

openssl req -x509 -nodes -days 730 -newkey rsa:2048 -keyout privKey.key -out server.pem -subj /CN=XXX.XX.XX.XXX

I created the client certification using :

keytool -keystore clientCert -importcert -alias tS -file client.pem

But still it does not work.

I do not think it is a problem with my code since when I try the same exact code with theServerName(HOST) as localhost, the connection happens just fine.

Here is the Python Server code :

import time , glob, os, sys

def deal_with_client(connstream):
    timestr = time.strftime("%Y-%m-%d_%H-%M-%S")
    outfile = open((timestr) + ".wav", 'ab')
    data = connstream.recv(1024)
    print data
    sys.exit(1)
    outfile.write(data )
    # null data means the client is finished with us
    while data:
        if not data:
            print 'no more data being sent'
            break
        data = connstream.recv(1024)
        outfile.write(data)
    # finished with client
def get_IP_Edison(value=basestring):
    IP = os.popen(value).read()
    tag1 , tag2= IP.find(":") , IP.find("n")
    return IP[tag1+1:tag2]

def start_Server():
    import ssl,socket

    context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH) # calling the client context to loaded with
    # configs
    key , cert = "/home/root/Coding/certificates/server/privKey.key", \
                 "/home/root/Coding/certificates/server/server.pem" # Key and cert created with OPENSSL
    context.load_cert_chain(certfile=cert, keyfile=key) # Load the certifications
    value = '''ifconfig | grep "inet " | grep -v 127.0.0.1 | grep -v 192.* | awk '{print $2}' '''
    HOST, PORT = get_IP_Edison(value), 50007 # calling the port and host / needs to be of the edison
    print "IP of the Edison : " + HOST
    bindsocket = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # create a normal socket
    bindsocket.bind((HOST, PORT)) # Bind the socket or create it
    bindsocket.listen(5)  # make the socket listen on five connections
    print 'Listening..'
    while True:
        newsocket, fromaddr = bindsocket.accept() # accept the connection
        print 'accepted connection from' + str(fromaddr)
        connstream = context.wrap_socket(newsocket, server_side=True,do_handshake_on_connect=True) # wrap it in socket but make sure keys match
        try:
            deal_with_client(connstream) # call the receive function to receive file (more details above )
        finally:
            connstream.shutdown(socket.SHUT_RDWR)
            connstream.close()
            print 'socket was closed'

def wavFinder():
    newest = max(glob.iglob('*.[Ww][Aa][Vv]'), key=os.path.getctime)
    return newest


if __name__=='__main__':
    start_Server()
    wavFileNew = wavFinder()
    print wavFileNew

Here is my java code :

import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.io.*;

/**
 * Created by admirmonteiro on 2/18/16.
 */
public class testCertEdison {
    /** TrustStores which is for the client use**/


    final String theServerName = "XXX.XX.XX.XXX";
    final int theServerPort = 50007;
    //   final static String pathToStores = "../../Desktop/SSL_KEY/x509_Java/keyStore/ex/";
    final static String pathToStores = "/Users/admirmonteiro/Desktop/SSL_KEY/x509_Java/client/tS";
    final static String trustStoreFile = "clientCert" ; // filename
    final static String passwd = "admir2006";

    public static void main(String args[]) throws Exception {

        String trustFileName = pathToStores + "/" + trustStoreFile;
        System.setProperty("javax.net.ssl.trustStore",trustFileName);
        System.setProperty("javax.net.ssl.trustStorePassword",passwd);

        new test_certificate().doClient();

    }

    void doClient() throws Exception{
        SSLSocketFactory sslsf = (SSLSocketFactory) SSLSocketFactory.getDefault();
        SSLSocket sslSocket = (SSLSocket) sslsf.createSocket(theServerName,theServerPort);

        OutputStream sslOS = sslSocket.getOutputStream();
        sslOS.write("Connected to the stupid thing".getBytes());
        sslOS.flush();
        sslSocket.close();

    }
}

Please help, I have been at this for a while.

Answer 1

'Connection refused' means there was nothing listening at the IP:port you tried to connect to.

It has nothing to do with truststores or keystores or certificates or SSL or Python or Java or OpenSSL.