[rabbitmq-discuss] Pika + SSL
Gavin M. Roy
gmr at myyearbook.com
Thu Apr 7 19:01:12 BST 2011
I'll try to add the peer verification certs and requirement to the test.
The code you pasted doesn't show, which connection adapter are you using?
On Thu, Apr 7, 2011 at 10:26 AM, Matthew Long <mlong at rozoom.com> wrote:
> Hi Gavin,
>
> We tried it with logging turned on in pika but could not see any errors
> created. When we start the application it seems to connect for maybe a few
> seconds but dies right after that.
>
> These are the options we are using:
>
> #! /usr/bin/env python
> import ssl
> from QO.RabbitMQ.SpecialPublisher import SpecialPubliser
>
> ###Some other code
>
> #192.168.4.76:10000
>
> publ = SpecialPubliser()
> publ.host = 'IM02'
> publ.port = 5671
> publ.ssl = True
> publ.ssl_options = ({
> "cacertfile":
> "/home/rouser/certs/testca/cacert.pem",
> "certfile":
> "/home/rouser/certs/client/cert.pem",
> "keyfile":
> "/home/rouser/certs/client/key.pem",
> #'cert_reqs': ssl.CERT_REQUIRED
> "verify": "verify_peer",
> "fail_if_no_peer_cert": True
> })
> publ.username = 'guest'
> publ.password = 'guest'
> publ.exchange = 'test'
> publ.queue = 'test'
> publ.messagesNum = 10
> publ.message = message
> publ.Publish()
>
> We have the keys created and RabbitMQ running with SSL enabled. Does it
> work on your end? What else might be the issue?
>
> Let me know.
>
> Thanks,
> Matthew
>
>
> On Wed, Apr 6, 2011 at 6:59 PM, Gavin M. Roy <gmr at myyearbook.com> wrote:
>
>> Good news, it was fairly painless to implement. I've pushed the commits
>> to https://github.com/pika/pika in master, if you'd like to test it out.
>> I used the instructions on http://www.rabbitmq.com/ssl.html to setup SSL
>> on the RabbitMQ server and tested against that.
>>
>> Currently this only works with the BlockingConnection, SelectConnection
>> and TornadoConnection.
>>
>> There are two new files in the examples: demo_ssl_send.py and
>> demo_ssl_receive.py.
>>
>> The SSL connection syntax is fairly painless:
>>
>> connection = SelectConnection(ConnectionParameters(host, 5671),
>> on_open_callback=on_connected,
>> ssl=True)
>>
>> The ssl_options argument, if used, should be a dictionary of key-value
>> pairs for the arguments of ssl.wrap_socket as found at:
>>
>> http://docs.python.org/dev/library/ssl.html#socket-creation
>>
>> If you don't mind, please clone the repo and install from source and let
>> me know your results.
>>
>> Gavin
>>
>> On Wednesday, April 6, 2011 at 6:50 PM, Gavin M. Roy wrote:
>>
>> On Wednesday, April 6, 2011 at 6:25 PM, Matthew Long wrote:
>>
>> Hello,
>>
>> Is there a way to use the amqp python library pika with rabbitmq
>> configured for ssl? I've looked at the code and the docs but there doesn't
>> seem to be ssl support built in.
>>
>> Not currently, I can look and see what's involved. I'm hacking on Pika 2
>> right now, but give me a few hours and I'll let you know what I find.
>>
>> Does anyone know how we would go about using our application with pika
>> amqp connecting to rabbitmq ssl without switching to py-amqplib?
>>
>> Off the cuff, it's not possible without some sort of proxy. Just to
>> confirm, which version of Pika are you using?
>>
>> Gavin
>>
>>
>>
>
>
> --
> Matthew Long
> CEO - roZoom, Inc
> Phone: 773-584-8225
> Email: mlong at rozoom.com
> *www.rozoom.com*
> <http://rozoom.com>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20110407/c9532234/attachment.htm>
More information about the rabbitmq-discuss
mailing list