0
我試圖擴展我通過SSL處理HTTPS請求的Web服務器。 我的教授說我們應該使用ssl.wrap_socket並給了我們使用的密碼。「ssl.SSLError:...沒有共享密碼」試圖處理HTTPS請求時webserver
這是我到目前爲止有:
from socket import *
import ssl
serverSocket = socket(AF_INET, SOCK_STREAM)
serverPort = 443
serverSocket.bind(("", serverPort))
serverSocket.listen(1)
while True:
print ('Ready to serve...')
connectionSocket, addr = serverSocket.accept()
connectionSocket = ssl.wrap_socket(connectionSocket,
keyfile="./server.key",
certfile="./server.pem",
server_side=True,
cert_reqs=ssl.CERT_NONE,
ssl_version=ssl.PROTOCOL_SSLv23,
ca_certs=None,
do_handshake_on_connect=True,
suppress_ragged_eofs=True,
ciphers="AES128-SHA256")
try:
message = (connectionSocket.recv(1024)).decode('utf-8')
filename = message.split()[1]
f = open(filename[1:],'rb')
outputdata = f.read()
f.close()
connectionSocket.send(b'HTTP/1.1 200 OK\r\n\r\n')
connectionSocket.send(outputdata)
connectionSocket.send(b'\r\n')
connectionSocket.shutdown(SHUT_RDWR)
connectionSocket.close()
except IOError:
connectionSocket.send(b'HTTP/1.1 404 Not Found\r\n\r\n')
connectionSocket.send(b'<html><head></head><body><h1>404 Not Found</h1></body></html>\r\n')
connectionSocket.shutdown(SHUT_RDWR)
connectionSocket.close()
serverSocket.close()
我在用下面的代碼在命令行中測試這一點,它似乎工作。這表明我對SSL會話,如協議,密碼,會話ID,主鍵和index.html內容的權利信息:
openssl s_client -connect localhost:443
GET /index.html
對於任務,我必須把"https://localhost:443/index.html"進入下一節我瀏覽器,但我的網絡服務器崩潰與此錯誤:
ssl.SSLError: [SSL: NO_SHARED_CIPHER] no shared cipher (_ssl.c:661)
我的代碼有什麼問題?
也許你可以用一些簡單的腳本來檢查你的證書/ CA或者測試服務器,列出一些可用的密碼:https://superuser.com/questions/109213/is-there-a-tool-that-can-test -what-ssl-tls-cipher-suites-a-special-website-of –
@zhiqianghuang:「沒有共享密碼」與證書驗證無關。 –