<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 9pt;
font-family:·s²Ó©úÅé
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>
<font class="Apple-style-span" size="4">Hello,everyone!!</font><div><font class="Apple-style-span" size="3"><br></font></div><div><font class="Apple-style-span" size="3">I am writing a simple ssl client-server test program on my personal laptop.</font></div><div><font class="Apple-style-span" size="3"><br></font></div><div><font class="Apple-style-span" size="3">And I encounter some problems with my simple programs.</font></div><div><font class="Apple-style-span" size="3"><br></font></div><div><font class="Apple-style-span" size="3">Please give me some helps.</font></div><div><font class="Apple-style-span" size="3">--------------------------------------------------------------------------------------------------------------------------------------------------------</font></div><div><font class="Apple-style-span" size="3"><br></font></div><div><font class="Apple-style-span" size="4">My server code:</font></div><div><font class="Apple-style-span" size="3"><br></font></div><div><div style="font-size: medium; ">import socket</div><div style="font-size: medium; ">import ssl</div><div style="font-size: medium; ">bindsocket = socket.socket()</div><div style="font-size: medium; ">bindsocket.bind(('127.0.0.1', 1234))</div><div style="font-size: medium; ">bindsocket.listen(5)</div><div style="font-size: medium; ">print 'server is waiting for connection...'</div><div style="font-size: medium; ">newsocket, fromaddr = bindsocket.accept()</div><div style="font-size: medium; ">print 'start ssl socket...'</div><div style="font-size: medium; ">connstream = ssl.wrap_socket(newsocket, server_side=True, certfile="/etc/home/ckyang/PHA/testsslsocket/mypha.crt", keyfile="/etc/home/ckyang/PHA/testsslsocket/mypha.key", ssl_version=ssl.PROTOCOL_SSLv23)</div><div style="font-size: medium; ">data = connstream.read()</div><div style="font-size: medium; ">print 'connected from address', fromaddr</div><div style="font-size: medium; ">print 'received data as', repr(data)</div><div style="font-size: medium; ">connstream.close()</div><div style="font-size: medium; "><br></div><div><font class="Apple-style-span" size="4">My client code:</font></div><div style="font-size: medium; "><br></div><div style="font-size: medium; "><div>import socket</div><div>import ssl</div><div>s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)</div><div>ssl_sock = ssl.wrap_socket(s, ca_certs="/home/ckyang/PHA/testsslsocket/myCA.crt", cert_reqs=ssl.CERT_REQUIRED)</div><div>ssl_sock.connect(("127.0.0.1", 1234))</div><div>ssl_sock.write("hello")</div><div>ssl_sock.close()</div></div><div style="font-size: medium; "><br></div><div style="font-size: medium; ">-----------------------------------------------------------------------------------------------------------------------------------------------------------</div><div><font class="Apple-style-span" size="4">Server side error:</font></div><div style="font-size: medium; "><br></div><div style="font-size: medium; ">File "views.py", line 17, in <module></div><div style="font-size: medium; "><div>connstream = ssl.wrap_socket(newsocket, server_side=True, certfile="/etc/home/ckyang/PHA/testsslsocket/mypha.crt", keyfile="/etc/home/ckyang/PHA/testsslsocket/mypha.key", ssl_version=ssl.PROTOCOL_SSLv23)</div><div> File "/usr/lib/python2.7/ssl.py", line 344, in wrap_socket</div><div> ciphers=ciphers)</div><div> File "/usr/lib/python2.7/ssl.py", line 119, in __init__</div><div> ciphers)</div><div>ssl.SSLError: [Errno 336265218] _ssl.c:347: error:140B0002:SSL routines:SSL_CTX_use_PrivateKey_file:system lib</div></div><div style="font-size: medium; "><br></div><div><font class="Apple-style-span" size="4">Client side error:</font></div><div style="font-size: medium; "><br></div><div style="font-size: medium; "><div>File "client.py", line 10, in <module></div><div> ssl_sock.connect(("127.0.0.1", 1234))</div><div> File "/usr/lib/python2.7/ssl.py", line 299, in connect</div><div> self.do_handshake()</div><div> File "/usr/lib/python2.7/ssl.py", line 283, in do_handshake</div><div> self._sslobj.do_handshake()</div><div>socket.error: [Errno 104] Connection reset by peer</div></div><div style="font-size: medium; "><br></div></div><div style="font-size: medium; ">------------------------------------------------------------------------------------------------------------------------------------------------------------</div><div style="font-size: medium; ">So what is wrong with my code?</div><div style="font-size: medium; "><br></div><div style="font-size: medium; ">The codes are so simple and so much like python official site sample demonstration, but I still cant get it work, so frustrating. </div><div style="font-size: medium; "><br></div><div style="font-size: medium; ">Seems the problem happened on server side then cause client side cant connect well, is that right?</div><div style="font-size: medium; "><br></div><div style="font-size: medium; ">My platform is ubuntu, with openssl 0.9.8 and python 2.7.</div><div style="font-size: medium; "><br></div><div style="font-size: medium; ">All certificates and keys self-signed by openssl for test convenience.</div><div style="font-size: medium; "><br></div><div style="font-size: medium; ">This is the site for referrence : http://andyjeffries.co.uk/articles/x509-encrypted-authenticated-socket-ruby-client</div><div style="font-size: medium; "><br></div><div style="font-size: medium; ">Or should I need a real certificate issued by a real CA to let things work?</div><div style="font-size: medium; "><br></div><div style="font-size: medium; ">Any tips or suggestions welcomed, thank you very much~</div><div style="font-size: medium; "><br></div><div style="font-size: medium; ">Good day.</div><div style="font-size: medium; "><br></div><div><font class="Apple-style-span" size="3">Kay</font></div><div style="font-size: medium; "><br></div> </div></body>
</html>