C＃SSL連接積極拒絕

Question

我正在創建一個需要加密連接並且有問題的應用程序。我從同一臺計算機上運行客戶端和服務器。如果我沒有SSL連接（通過TCPClient和TCPListener，一切正常，但是，使用SSLStream class不斷給我SocketException 0x80004005「連接積極拒絕」我一直在其他職位環顧四周，我似乎無法找到我的問題

客戶：

private void okButton_Click(object sender, RoutedEventArgs e) 
    { 

     string serverCertName = COMPUTER_NAME; 
     string machineName = "127.0.0.1"; 

     SslStream stream = runClient(machineName, serverCertName, int.Parse(clientPort.Text)); 

     if (stream.CanWrite) 
     { 
      MessageBox.Show("We can write to the stream. We have a connection!"); 
     } 
     splitFile(this.sourceName); 
    } 

    public static bool ValidateServerCertificate(
     object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) 
    { 
     if (sslPolicyErrors == SslPolicyErrors.None) 
     { 
      return true; 
     } 
     //disallow communication with unauthenticated servers 
     return false; 
    } 

    public static SslStream runClient(string machineName, string serverName, int port) 
    { 
     //create client socket, machineName is the host running the server 
     //THIS IS WHERE EVERYTHING FAILS 
     TcpClient client = new TcpClient(machineName, port); 
     SslStream sslStream = new SslStream(client.GetStream(), 
      false, new RemoteCertificateValidationCallback(ValidateServerCertificate), null); 

     //server should match that is on that server cert 
     try 
     { 
      sslStream.AuthenticateAsClient(serverName); 
     } 
     catch (AuthenticationException e) 
     { 
      if (e.InnerException != null) 
      { 

      } 
      client.Close(); 
      return null; 
     } 

     //encode message as byte array for testing, etc 
     return sslStream; 
    } 

服務器：

static X509Certificate serverCertificate = null; 
    private void Window_Loaded(object sender, RoutedEventArgs e) 
    { 
     IPAddress ip = IPAddress.Parse("127.0.0.1"); 
     int port = 13000; 
     string certificate = COMPUTER_NAME; 

     runServer(ip, port, certificate); 
    } 

    /// Start the ssl tcp listener 
    public static void runServer(IPAddress ip, int port, string certificate) 
    { 
     serverCertificate = X509Certificate.CreateFromCertFile(certificate); 
     TcpListener listener = new TcpListener(IPAddress.Any, port); 
     listener.Start(); 

     while (true) 
     { 
      TcpClient client = listener.AcceptTcpClient(); 
      processClient(client); 
     } 
    } 

    //executes if a client has connected. Create the SslStream using the connected client's stream 
    static void processClient(TcpClient client) 
    { 
     SslStream sslStream = new SslStream(client.GetStream(), false); 

     //authenticate the server, but doesn't require the client to authenticate 
     try 
     { 
      sslStream.AuthenticateAsServer(serverCertificate, false, SslProtocols.Tls, true); 
      //set timeouts to 5 seconds. Seems like a long time. If nothing happens after 5 sec it won't happen 
      sslStream.ReadTimeout = 5000; 
      sslStream.WriteTimeout = 5000; 
      string data = readMessage(sslStream); 
     } 
     catch (AuthenticationException e) 
     { 
      Console.WriteLine("Exception: {0}", e.Message); 
      if (e.InnerException != null) 
      { 
       Console.WriteLine("Inner exception: {0}", e.InnerException.Message); 
      } 
      Console.WriteLine("Authentication failed - closing the connection."); 
      sslStream.Close(); 
      client.Close(); 
      return; 
     } 
     finally 
     { 
      sslStream.Close(); 
      client.Close(); 
     } 
    } 

我是全新的在C＃中通用的TCP/IP連接，因此它完全有可能，我做了一些愚蠢的，錯誤的，或過於複雜，我有f nd（通過堆棧溢出）SslStream是要走的路，但我似乎無法使其工作。有人有任何想法嗎？我真的很感激幫助。

非常感謝您提前！

Answer 1

我認爲您正嘗試作爲客戶端進行身份驗證，但您的服務器未作爲服務器進行身份驗證。嘗試並確保這是在同一時間發生，它應該工作。