[rabbitmq-discuss] facing issues with the SSL implementations with RabbitMQ + Windows + .Net
Abhijit
abhijit.sinha at kiprosh.com
Tue Aug 9 15:13:26 BST 2011
hello sir,
> [{amqp-0-9://localhost:5671}] =
> {System.Security.Authentication.AuthenticationException: A call to
> SSPI failed, see inner exception. --->
> System.ComponentModel.Win32Exception: The message received was
> unexpected or badly formatted
i got this error after changing it to pem sir, and also i created the
certificates properly as per the rabbitmq ssl steps but i haven't able
to understand this steps mentioned:
http://www.rabbitmq.com/ssl.html#trust-dotNET,
i have executed them but all they do is opens the certmanager window.
Any suggestions.
Thanks and Regards,
Abhijit
On 8/9/2011 7:36 PM, Alexandru Scvorţov wrote:
> I managed to reproduce your error.
>
> Solution: do not use the .cer file in the broker config; use the .pem
> file. For some reason, rather than complaining that it can't read the
> CA certificate, Erlang just silently ignores that and throws an "unknown
> CA" error. Hurray!
>
> So, change
> {cacertfile,"C:\\testca\\cacert.cer"}
> with
> {cacertfile,"C:\\testca\\cacert.pem"}
>
> Please let me know if this helps.
>
> Cheers,
> Alex
>
> On Tue, Aug 09, 2011 at 06:22:23PM +0530, Abhijit wrote:
>
>> ya sir that was set true, i would go back and look at my certification
>> creation steps and find out whether i did everything properly.
>>
>> and would let you know once that i done.
>>
>> Thanks and Regards,
>> Abhijit
>>
>> On 8/9/2011 6:18 PM, Alexandru Scvorţov wrote:
>>
>>>> Am basically getting this error, i tried debugging and solved most of
>>>> the problems but still getting this:
>>>>
>>>>
>>> Oh, great. My guess about the really long error was that you needed some
>>> clients to connect without providing certificates, but
>>> fail_if_no_peer_cert was set to true in the config file. Was that
>>> right?
>>>
>>>
>>>
>>>>> [{amqp-0-9://localhost:5671}] =
>>>>> {System.Security.Authentication.AuthenticationException: A call to
>>>>> SSPI failed, see inner exception. --->
>>>>> System.ComponentModel.Win32Exception: The certificate chain was issued
>>>>> by an authority that is not trusted
>>>>>
>>>>>
>>> I haven't seen that before. Did you follow the steps in our SSL guide
>>> to generate the certificate (in particular, were the client certificates
>>> signed by the CA set in the broker)?
>>>
>>> Alex
>>>
>>> On Tue, Aug 09, 2011 at 06:08:19PM +0530, Abhijit wrote:
>>>
>>>
>>>> hi sir,
>>>>
>>>> Am basically getting this error, i tried debugging and solved most of
>>>> the problems but still getting this:
>>>>
>>>>
>>>>
>>>>> [{amqp-0-9://localhost:5671}] =
>>>>> {System.Security.Authentication.AuthenticationException: A call to
>>>>> SSPI failed, see inner exception. --->
>>>>> System.ComponentModel.Win32Exception: The certificate chain was issued
>>>>> by an authority that is not trusted
>>>>> --- End of inner exception stack trace -...
>>>>>
>>>>>
>>>> Thanks and Regards,
>>>> Abhijit
>>>>
>>>>
>>>>
>>>>
>>>> On 8/9/2011 5:39 PM, Alexandru Scvorţov wrote:
>>>>
>>>>
>>>>>> i would go ahead for now, if any queries i would again seek your help.
>>>>>>
>>>>>>
>>>>>>
>>>>> Excellent. Don't hesitate to ask us any more questions.
>>>>>
>>>>> Also, in the future, could you please make sure to CC the mailing list
>>>>> when replying?
>>>>>
>>>>> Cheers,
>>>>> Alex
>>>>>
>>>>> On Tue, Aug 09, 2011 at 05:31:22PM +0530, Abhijit wrote:
>>>>>
>>>>>
>>>>>
>>>>>> hi sir,
>>>>>>
>>>>>> finally got this:
>>>>>>
>>>>>>
>>>>>>
>>>>>>> =INFO REPORT==== 9-Aug-2011::17:28:33 ===
>>>>>>> started TCP Listener on 0.0.0.0:5672
>>>>>>>
>>>>>>> =INFO REPORT==== 9-Aug-2011::17:28:33 ===
>>>>>>> started SSL Listener on 0.0.0.0:5671
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> your this step
>>>>>>
>>>>>> Could you copy the config file to "...\AppData\Roaming\RabbitMQ.config"
>>>>>> and try again
>>>>>>
>>>>>> helped...
>>>>>>
>>>>>> i would go ahead for now, if any queries i would again seek your help.
>>>>>>
>>>>>> Thanks and Regards,
>>>>>> Abhijit
>>>>>>
>>>>>> On 8/9/2011 5:20 PM, Alexandru Scvorţov wrote:
>>>>>>
>>>>>>
>>>>>>
>>>>>>> That's a bit odd. I'm not sure how that can happen. It looks like you
>>>>>>> somehow set the RABBITMQ_CONFIG_FILE variable at some point.
>>>>>>>
>>>>>>> The file is normally in:
>>>>>>> ...\AppData\Roaming\RabbitMQ\rabbitmq.config
>>>>>>> but your system is looking for it in:
>>>>>>> ...\AppData\Roaming\RabbitMQ.config
>>>>>>>
>>>>>>> Could you copy the config file to "...\AppData\Roaming\RabbitMQ.config"
>>>>>>> and try again? Alternatively, unset the RABBITMQ_CONFIG_FILE variable
>>>>>>> and try again without copying the file.
>>>>>>>
>>>>>>> Cheers,
>>>>>>> Alex
>>>>>>>
>>>>>>> On Tue, Aug 09, 2011 at 05:02:04PM +0530, Abhijit wrote:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>> I deleted the dot as you asked to and also wrote the line find which
>>>>>>>> config we are using, and found we are using the same config file and
>>>>>>>> also broker is running successfully without the dot. Am attaching the
>>>>>>>> print-screen for the command line output i received when i tried running
>>>>>>>> rabbit-mq server
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> thanks and regards,
>>>>>>>> Abhijit
>>>>>>>>
>>>>>>>> On 8/9/2011 4:50 PM, Alexandru Scvorţov wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>> Ok. Could you delete the dot at the end (or introduce some other
>>>>>>>>> syntactic error) and try again?
>>>>>>>>>
>>>>>>>>> If it still runs, it's using a different configuration file.
>>>>>>>>>
>>>>>>>>> Could you also add the following line to the rabbitmq-server.bat file?
>>>>>>>>> echo CONFIG_FILE: !RABBITMQ_CONFIG_FILE!.config
>>>>>>>>> It should go in towards the end, right before the "!ERLANG_HOME!\bin\erl.exe"
>>>>>>>>> line.
>>>>>>>>>
>>>>>>>>> That way, when you start the server manually with the .bat, we will know
>>>>>>>>> which config file it's using.
>>>>>>>>>
>>>>>>>>> Alex
>>>>>>>>>
>>>>>>>>> On Tue, Aug 09, 2011 at 04:42:32PM +0530, Abhijit wrote:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>> hi sir,
>>>>>>>>>>
>>>>>>>>>> It didn't worked as we wanted...this are the last two phrases in the log
>>>>>>>>>> file of the broker.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>> =INFO REPORT==== 9-Aug-2011::16:39:52 ===
>>>>>>>>>>> started TCP Listener on [::]:5692
>>>>>>>>>>>
>>>>>>>>>>> =INFO REPORT==== 9-Aug-2011::16:39:53 ===
>>>>>>>>>>> started TCP Listener on 0.0.0.0:5692
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>> i copied the rabbitmq.config which you sent me but didn't worked out.
>>>>>>>>>>
>>>>>>>>>> Thanks and Regards,
>>>>>>>>>> Abhijit
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 8/9/2011 4:19 PM, Alexandru Scvorţov wrote:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>>> Am using the same path, C:\Users\Administrator\AppData\Roaming\RabbitMQ\rabbitmq.config for including ssl in my app.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>> Ok.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>> But the file wasn't present earlier i had created that file in order to have SSL in my app at the same location.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>> That's fine.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>> i tried running the bat file for the rabbitmq-server that didn't help sir, do you need any part of code for inspection.
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>> The code isn't the problem right now. It's getting rabbit to enable
>>>>>>>>>>> ssl.
>>>>>>>>>>>
>>>>>>>>>>> I'm attaching a rabbitmq.config. Please try using that one. Restart
>>>>>>>>>>> the broker and the last lines in the broker log should be:
>>>>>>>>>>>
>>>>>>>>>>> =INFO REPORT==== 9-Aug-2011::11:44:37 ===
>>>>>>>>>>> started TCP Listener on [::]:5672
>>>>>>>>>>>
>>>>>>>>>>> =INFO REPORT==== 9-Aug-2011::11:44:37 ===
>>>>>>>>>>> started SSL Listener on 0.0.0.0:5671
>>>>>>>>>>>
>>>>>>>>>>> Let me know how it goes, please.
>>>>>>>>>>>
>>>>>>>>>>> Cheers,
>>>>>>>>>>> Alex
>>>>>>>>>>>
>>>>>>>>>>> On Tue, Aug 09, 2011 at 04:09:42PM +0530, Abhijit wrote:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>> Hi Sir,
>>>>>>>>>>>>
>>>>>>>>>>>> Am using the same path, C:\Users\Administrator\AppData\Roaming\RabbitMQ\rabbitmq.config for including ssl in my app.
>>>>>>>>>>>>
>>>>>>>>>>>> But the file wasn't present earlier i had created that file in order to have SSL in my app at the same location.
>>>>>>>>>>>>
>>>>>>>>>>>> i tried running the bat file for the rabbitmq-server that didn't help sir, do you need any part of code for inspection.
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks a lot for your time and replies.
>>>>>>>>>>>>
>>>>>>>>>>>> Regards,
>>>>>>>>>>>> Abhijit
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>
>>>>>>
>>>>
>>>>
>>
More information about the rabbitmq-discuss
mailing list