[Twisted-Python] I'm missing something on SSL-encrypted PB connections...
Hi all, I'm working on refining a load-sharing mechanism to run across a number of pb connections (sharing processor time and/or access to a network). One of the requirements I have is that I must be able to run the pb connections over encrypted channels. However, when I try to set up an SSL-encrypted server (using the same mechanisms I've used for setting up SSL-encrypted Nevow sites and the same ones in the echo examples) I always get a connection refused error on the client when I try to connect. I'm using self-generated keys from: openssl genrsa > privkey.pem openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1000 I'm guessing this has to be some incredibly stupid error, but I'm not seeing it in a few hours of poking now, so this is basically a request for more eyes. I've reduced the failing code down to a modification of the pbecho* example code (attached). With keys generated as above in the current directory the server starts fine, but the client always receives: Failure: twisted.internet.error.ConnectionRefusedError: Connection was refused by other side: 111: Connection refused. when it tries to connect. The only other code I've found trying to use SSL + PB is connecting it up to a multi-service of some sort, which I don't *think* should be necessary. Thoughts appreciated, Mike -- ________________________________________________ Mike C. Fletcher Designer, VR Plumber, Coder http://www.vrplumber.com http://blog.vrplumber.com
On Tue, 2005-12-20 at 13:25 -0500, Mike C. Fletcher wrote:
I'm working on refining a load-sharing mechanism to run across a number of pb connections (sharing processor time and/or access to a network). One of the requirements I have is that I must be able to run the pb connections over encrypted channels. However, when I try to set up an SSL-encrypted server (using the same mechanisms I've used for setting up SSL-encrypted Nevow sites and the same ones in the echo examples) I always get a connection refused error on the client when I try to connect.
That's because you haven't actually started listening on the port; you forgot to do serve.startService() in your code. Or, since you're using reactor directly, you can just reactor.listenSSL instead of using a Service.
Itamar Shtull-Trauring wrote:
On Tue, 2005-12-20 at 13:25 -0500, Mike C. Fletcher wrote:
... stupidity ...
That's because you haven't actually started listening on the port; you forgot to do serve.startService() in your code. Or, since you're using reactor directly, you can just reactor.listenSSL instead of using a Service.
Duh! Sigh, I figured it had to be something so blindingly stupid I just couldn't see it. Sorry for the wasted bandwidth, and thanks for the clue-stick, Mike -- ________________________________________________ Mike C. Fletcher Designer, VR Plumber, Coder http://www.vrplumber.com http://blog.vrplumber.com
participants (2)
-
Itamar Shtull-Trauring
-
Mike C. Fletcher