[Tutor] Localhost client-server simple ssl socket test program problems

Alexander rhettnaxel at gmail.com
Thu Dec 15 20:24:37 CET 2011 

2011/12/15 Yang Chun-Kai <waitmeforever at hotmail.com>

>  Hello,everyone!!
>
> I am writing a simple ssl client-server test program on my personal laptop.
>
> And I encounter some problems with my simple programs.
>
> Please give me some helps.
>
> --------------------------------------------------------------------------------------------------------------------------------------------------------
>
> My server code:
>
> import socket
> import ssl
> bindsocket = socket.socket()
> bindsocket.bind(('127.0.0.1', 1234))
> bindsocket.listen(5)
> print 'server is waiting for connection...'
> newsocket, fromaddr = bindsocket.accept()
> print 'start ssl socket...'
> connstream = ssl.wrap_socket(newsocket, server_side=True,
> certfile="/etc/home/ckyang/PHA/testsslsocket/mypha.crt",
> keyfile="/etc/home/ckyang/PHA/testsslsocket/mypha.key",
> ssl_version=ssl.PROTOCOL_SSLv23)
> data = connstream.read()
> print 'connected from address', fromaddr
> print 'received data as', repr(data)
> connstream.close()
>
> My client code:
>
> import socket
> import ssl
> s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
> ssl_sock = ssl.wrap_socket(s,
> ca_certs="/home/ckyang/PHA/testsslsocket/myCA.crt",
> cert_reqs=ssl.CERT_REQUIRED)
> ssl_sock.connect(("127.0.0.1", 1234))
> ssl_sock.write("hello")
> ssl_sock.close()
>
>
> -----------------------------------------------------------------------------------------------------------------------------------------------------------
> Server side error:
>
> File "views.py", line 17, in & lt;module>
> connstream = ssl.wrap_socket(newsocket, server_side=True,
> certfile="/etc/home/ckyang/PHA/testsslsocket/mypha.crt",
> keyfile="/etc/home/ckyang/PHA/testsslsocket/mypha.key",
> ssl_version=ssl.PROTOCOL_SSLv23)
>   File "/usr/lib/python2.7/ssl.py", line 344, in wrap_socket
>     ciphers=ciphers)
>   File "/usr/lib/python2.7/ssl.py", line 119, in __init__
>     ciphers)
> ssl.SSLError: [Errno 336265218] _ssl.c:347: error:140B0002:SSL
> routines:SSL_CTX_use_PrivateKey_file:system lib
>
> Client side error:
>
> File "client.py", line 10, in <module>
>     ssl_sock.connect(("127.0.0.1", 1234))
>   File "/usr/lib/python2.7/ssl.py", line 299, in connect**
>     self.do_handshake()
>   File "/usr/lib/python2.7/ssl.py", line 283, in do_handshake
>     self._sslobj.do_handshake()
> socket.error: [Errno 104] Connection reset by peer
>
>
> ------------------------------------------------------------------------------------------------------------------------------------------------------------
> So what is wrong with my code?
>
> The codes are so simple and so much like python official site sample
> demonstration, but I still cant get it work, so frustrating.
>
> Seems the problem happened on server side then cause client side cant
> connect well, is that right?
>
> **
> My platform is ubuntu, with openssl 0.9.8 and python 2.7.
>
> All certificates and keys self-signed by openssl for test convenience.
>
> This is the site for referrence :
> http://andyjeffries.co.uk/articles/x509-encrypted-authenticated-socket-ruby-client
>
> Or should I need a real certificate issued by a real CA to let things work?
>
> Any tips or suggestions welcomed, thank you very much~
>
> Good day.
>
> Kay
>
> **
>
> _______________________________________________
> Tutor maillist  -  Tutor at python.org
> To unsubscribe or change subscription options:
> http://mail.python.org/mailman/listinfo/tutor
>
>
You're trying to connect to the same port on localhost as a client and a
server? I don't know for certain but I don't think that should work.
Two computers?


-- 
Alexander
7D9C597B
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/tutor/attachments/20111215/236b2679/attachment.html>

More information about the Tutor mailing list