C# SSL connection actively refused

I'm creating an application that requires an encrypted connection, and am having problems. I am running both the client and server from the same computer. If I connect without SSL (via TCPClient and TCPListener), everything works perfectly fine. However, using the SSLStream class keeps giving me SocketException 0x80004005 "Connection Actively Refused". I've been looking around at other posts and I can't seem to pinpoint my problem.

Client:

    private void okButton_Click(object sender, RoutedEventArgs e)
    {

        string serverCertName = COMPUTER_NAME;
        string machineName = "127.0.0.1";

        SslStream stream = runClient(machineName, serverCertName, int.Parse(clientPort.Text));

        if (stream.CanWrite)
        {
            MessageBox.Show("We can write to the stream. We have a connection!");
        }
        splitFile(this.sourceName);
    }

    public static bool ValidateServerCertificate(
        object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)
    {
        if (sslPolicyErrors == SslPolicyErrors.None)
        {
            return true;
        }
        //disallow communication with unauthenticated servers
        return false;
    }

    public static SslStream runClient(string machineName, string serverName, int port)
    {
        //create client socket, machineName is the host running the server
        //THIS IS WHERE EVERYTHING FAILS
        TcpClient client = new TcpClient(machineName, port);
        SslStream sslStream = new SslStream(client.GetStream(),
            false, new RemoteCertificateValidationCallback(ValidateServerCertificate), null);

        //server should match that is on that server cert
        try
        {
            sslStream.AuthenticateAsClient(serverName);
        }
        catch (AuthenticationException e)
        {
            if (e.InnerException != null)
            {

            }
            client.Close();
            return null;
        }

        //encode message as byte array for testing, etc
        return sslStream;
    }

Server:

    static X509Certificate serverCertificate = null;
    private void Window_Loaded(object sender, RoutedEventArgs e)
    {
        IPAddress ip = IPAddress.Parse("127.0.0.1");
        int port = 13000;
        string certificate = COMPUTER_NAME;

        runServer(ip, port, certificate);
    }

    /// Start the ssl tcp listener
    public static void runServer(IPAddress ip, int port, string certificate)
    {
        serverCertificate = X509Certificate.CreateFromCertFile(certificate);
        TcpListener listener = new TcpListener(IPAddress.Any, port);
        listener.Start();

        while (true)
        {
            TcpClient client = listener.AcceptTcpClient();
            processClient(client);
        }
    }

    //executes if a client has connected. Create the SslStream using the connected client's stream
    static void processClient(TcpClient client)
    {
        SslStream sslStream = new SslStream(client.GetStream(), false);

        //authenticate the server, but doesn't require the client to authenticate
        try
        {
            sslStream.AuthenticateAsServer(serverCertificate, false, SslProtocols.Tls, true);
            //set timeouts to 5 seconds. Seems like a long time. If nothing happens after 5 sec it won't happen
            sslStream.ReadTimeout = 5000;
            sslStream.WriteTimeout = 5000;
            string data = readMessage(sslStream);
        }
        catch (AuthenticationException e)
        {
            Console.WriteLine("Exception: {0}", e.Message);
            if (e.InnerException != null)
            {
                Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
            }
            Console.WriteLine("Authentication failed - closing the connection.");
            sslStream.Close();
            client.Close();
            return;
        }
        finally
        {
            sslStream.Close();
            client.Close();
        }
    }

I'm brand new to TCP/IP connections in general in C#, so it's entirely possible I did something silly, wrong, or overly complicated. I had found (via Stack Overflow) that SslStream was the way to go, but I just can't seem to make it work. Does anybody have any ideas? I'd really appreciate the help.

Thank you much in advance!


I think that you are trying to authenticate as a client, but your server is not authenticating as a server. Try and make sure that this is happening at the same time and it should work.
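
An added example, not part of the question or the answer above: a loopback SslStream handshake in which the listener is started first and runs AuthenticateAsServer on its own task while the client authenticates. The in-memory self-signed certificate, the `CN=localhost` name, the pinned-hash validation callback and .NET 6 or later are assumptions of this example.

```csharp
using System;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;

class LoopbackTlsDemo
{
    static async Task Main()
    {
        // Constructed test certificate (assumption: .NET 6+). AuthenticateAsServer needs a
        // certificate with its private key; a bare .cer file does not contain one.
        using RSA rsa = RSA.Create(2048);
        var req = new CertificateRequest("CN=localhost", rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using X509Certificate2 ephemeral = req.CreateSelfSigned(DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(7));
        // Round-trip through PFX so the private key is usable by SChannel on Windows.
        using var serverCert = new X509Certificate2(ephemeral.Export(X509ContentType.Pfx));
        string pinned = serverCert.GetCertHashString(HashAlgorithmName.SHA256);
        // The listener must be accepting before the client connects; otherwise the
        // TCP connect itself is refused, before any TLS message is exchanged.
        var listener = new TcpListener(IPAddress.Loopback, 0); // port 0: OS picks a free port
        listener.Start();
        int port = ((IPEndPoint)listener.LocalEndpoint).Port;

        // Server side runs on its own task so accept + handshake never block the caller.
        Task server = Task.Run(async () =>
        {
            using TcpClient peer = await listener.AcceptTcpClientAsync();
            using var tls = new SslStream(peer.GetStream(), false);
            // SslProtocols.None lets the OS choose the protocol version.
            await tls.AuthenticateAsServerAsync(serverCert, false, SslProtocols.None, false);
            await tls.WriteAsync(new byte[] { 0x2A }, 0, 1);
        });

        using var client = new TcpClient();
        await client.ConnectAsync(IPAddress.Loopback, port);
        // A self-signed cert fails chain validation, so pin its SHA-256 hash instead of returning true.
        using var ssl = new SslStream(client.GetStream(), false,
            (sender, cert, chain, errors) => cert != null &&
                cert.GetCertHashString(HashAlgorithmName.SHA256) == pinned);
        await ssl.AuthenticateAsClientAsync("localhost");
        var buf = new byte[1];
        int n = await ssl.ReadAsync(buf, 0, 1);
        Console.WriteLine($"TLS {ssl.SslProtocol}, read {n} byte: {buf[0]}");
        await server;
        listener.Stop();
    }
}
```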
