My simple java HTTPS server only works for localhost

Question

I have a simple HTTPS test server implemented in Java, as shown below. It accepts client connections and sends back a piece of text about the socket. The problem is that it works locally on a browser using https://localhost:8888, but it does not work with remote browsers, when I use the real IP of my machine (129.46.xx.xx:8888). Where is the problem coming from? When testing, don't forget to generate a sample certificate and provide the info below.

EDIT: Interestingly, when I run it on Ubuntu 12.04, I can connect to it. But not when running on windows!

import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.FileInputStream;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.security.KeyStore;

import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
public class HttpsEchoer {
   public static void main(String[] args) {
      String ksName = "myks.jks";
      char ksPass[] = "mypass".toCharArray();
      char ctPass[] = "mypass".toCharArray();
      try {
         KeyStore ks = KeyStore.getInstance("JKS");
         ks.load(new FileInputStream(ksName), ksPass);
         KeyManagerFactory kmf = 
         KeyManagerFactory.getInstance("SunX509");
         kmf.init(ks, ctPass);
         SSLContext sc = SSLContext.getInstance("TLS");
         sc.init(kmf.getKeyManagers(), null, null);
         SSLServerSocketFactory ssf = sc.getServerSocketFactory();
         SSLServerSocket s 
            = (SSLServerSocket) ssf.createServerSocket(8888);
         System.out.println("Server started:");
         printServerSocketInfo(s);
         // Listening to the port
         int count = 0;
         while (true) {
            SSLSocket c = (SSLSocket) s.accept();
            // Someone is calling this server
            count++;
            System.out.println("Connection #: "+count);
            printSocketInfo(c);
            BufferedWriter w = new BufferedWriter(
               new OutputStreamWriter(c.getOutputStream()));
            BufferedReader r = new BufferedReader(
               new InputStreamReader(c.getInputStream()));
            String m = r.readLine();
//            System.out.println(m);
            if (m!=null) {
               // We have a real data connection
               w.write("HTTP/1.1 200 OK");
               w.newLine();
               w.write("Content-Type: text/html");
               w.newLine();
               w.newLine();
               w.write("<html><body><pre>");
               w.newLine();
               w.write("Connection #: "+count);
               w.newLine();
               w.newLine();
               w.write(m);
               w.newLine();
               while ((m=r.readLine())!= null) {
                  if (m.length()==0) break; // End of a GET call
                  w.write(m);
                  w.newLine();
               }
               w.write("</pre></body></html>");
               w.newLine();
               w.flush();
            }     
            w.close();
            r.close();
            c.close();
         }
      } catch (Exception e) {
         e.printStackTrace();
      }
   }
   private static void printSocketInfo(SSLSocket s) {
      System.out.println("Server socket class: "+s.getClass());
      System.out.println("   Remote address = "
         +s.getInetAddress().toString());
      System.out.println("   Remote port = "
         +s.getPort());
      System.out.println("   Local socket address = "
         +s.getLocalSocketAddress().toString());
      System.out.println("   Local address = "
         +s.getLocalAddress().toString());
      System.out.println("   Local port = "
         +s.getLocalPort());
   }
   private static void printServerSocketInfo(SSLServerSocket s) {
      System.out.println("Server socket class: "+s.getClass());
      System.out.println("   Socker address = "
         +s.getInetAddress().toString());
      System.out.println("   Socker port = "
         +s.getLocalPort());
      System.out.println("   Need client authentication = "
         +s.getNeedClientAuth());
      System.out.println("   Want client authentication = "
         +s.getWantClientAuth());
      System.out.println("   Use client mode = "
         +s.getUseClientMode());
   } 
}

This is what printServerSocketInfo() method is showing:

Server started:
Server socket class: class sun.security.ssl.SSLServerSocketImpl
   Socker address = 0.0.0.0/0.0.0.0
   Socker port = 8888
   Need client authentication = false
   Want client authentication = false
   Use client mode = false

This is what the local browser is showing:

Connection #: 3

GET / HTTP/1.1
Host: localhost:8888
Connection: keep-alive
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.114 Safari/537.36 OPR/22.0.1471.50 (Edition Campaign 38)
Accept-Encoding: gzip,deflate,lzma,sdch
Accept-Language: en-US,en;q=0.8

You should open port 8888 in your firewall. If you're on Windows, then open the `Start` menu, enter `firewall`, click `Inbound Rules`, click `New Rule...`, choose `Port`, click `Next`, choose `Specific local ports` and enter `8888`. — barak manos, Jun 11 '14 at 21:06
What does the `printServerSocketInfo` output look like when the socket is created? — John Farrelly, Jun 11 '14 at 21:11
firewall of the server, or the client? So what port can I use not to be blocked? 443, 4443 for HTTPS works?! — Tina J, Jun 11 '14 at 21:11
@TinaJasmin that doesn't look like the output that `printServerSocketInfo` would print? — John Farrelly, Jun 11 '14 at 21:50

score 1 · Answer 1 · answered Jun 11 '14 at 21:21

1

Try creating your server socket like this:

SSLServerSocket s = (SSLServerSocket) ssf.createServerSocket(8888, 0, null);

The null as the last argument should tell the server socket factory to create a socket that is bound to all network interfaces.

Here's a link to the javadoc for that particular version of the method.

answered Jun 11 '14 at 21:21

John Farrelly

7,289
9
42
52

I also suspect your socket is only binding to your loopback interface. – Hiro2k Jun 11 '14 at 21:22
This has the same effect as what he's doing. In fact the constructor he's calling calls this constructor with null as the third argument. – user207421 Jun 11 '14 at 21:41
@EJP The output of the `printServerSocketInfo` call says the socket is bound to `localhost`, and not `0.0.0.0` if it was binding to all network interfaces? – John Farrelly Jun 11 '14 at 21:49
@JohnFarrelly No difference. Interestingly, when I run it on Ubuntu, I can connect to it. But not windows! – Tina J Jun 11 '14 at 22:09
1

@TinaJasmin it is most likely firewall settings on your windows OS. Have a look here about opening ports on windows: http://windows.microsoft.com/en-ie/windows/open-port-windows-firewall#1TC=windows-7 – John Farrelly Jun 11 '14 at 22:15
Damn it; there is actually no "inbound" rules; it shows "there was an error opening the windows firewall with advanced security snap-in". – Tina J Jun 11 '14 at 22:23

My simple java HTTPS server only works for localhost

1 Answers1

Linked