[rabbitmq-discuss] facing issues with the SSL implementations with RabbitMQ + Windows + .Net
Abhijit
abhijit.sinha at kiprosh.com
Thu Aug 11 13:18:53 BST 2011
Thanks a lot sir for helping me out thoroughly.
its working perfectly i was using the server certificate at the client
end until now.
Thanks and Regards,
Abhijit
On 8/11/2011 5:36 PM, Alexandru Scvorţov wrote:
> Hello,
>
> I don't see anything wrong with how you're generating certificate, but I
> do see a problem with your certificates:
> the keycert.p12 contains the SERVER certificates, rather than the
> client certificates.
>
> Using your certificates, I get "The message received was unexpected or
> badly formatted" on the .NET side and {ssl_upgrade_error,esslaccept} on
> the server side. This is what's expected when you use the server
> certificates for the client. Is that also what you get?
>
> If so, could you please make sure, when generating CLIENT, certificates,
> you do
>
> # cd ../client
> # openssl pkcs12 -export -out keycert.p12 -in cert.pem -inkey key.pem
> # passout pass:password
>
> and not
>
> # cd ../server
> # openssl pkcs12 -export -out keycert.p12 -in cert.pem -inkey key.pem
> # passout pass:password
>
> or something similar.
>
> Cheers,
> Alex
>
>
> On Thu, Aug 11, 2011 at 12:54:00PM +0530, Abhijit wrote:
>
>> Hi Sir,
>>
>> Am sending you the new set of certificates i made today morning which
>> were still giving same errors. Can you please inspect them and let me
>> know what are the errors.
>>
>> Thanks and Regards,
>> Abhijit
>>
>> On 8/10/2011 8:15 PM, Alexandru Scvorţov wrote:
>>
>>>> can you tell me did you create your certificates on windows?
>>>> or on linux machine?
>>>>
>>>>
>>> I generated the certificates on Windows Server 2008.
>>>
>>>
>>>
>>>> openssl req -x509 -config openssl.cnf -newkey rsa:2048 -days 365 \
>>>> -out cacert.pem -outform PEM -subj /CN=MyTestCA/ -nodes
>>>>
>>>> i executed above as
>>>> openssl req -x509 -config openssl.cnf -newkey rsa:2048 -days 365 -out cacert.pem -outform PEM -subj /CN=MyTestCA/ -nodes
>>>>
>>>>
>>> I did the same thing.
>>>
>>> Could you send the certificates you're using? (same files I sent
>>> earlier) I'll see if I can find anything wrong with them.
>>>
>>> Alex
>>>
>>> On Wed, Aug 10, 2011 at 07:56:51PM +0530, Abhijit wrote:
>>>
>>>
>>>> OK Sir
>>>>
>>>> can you tell me did you create your certificates on windows?
>>>> or on linux machine?
>>>>
>>>> openssl req -x509 -config openssl.cnf -newkey rsa:2048 -days 365 \
>>>> -out cacert.pem -outform PEM -subj /CN=MyTestCA/ -nodes
>>>>
>>>> i executed above as
>>>> openssl req -x509 -config openssl.cnf -newkey rsa:2048 -days 365 -out cacert.pem -outform PEM -subj /CN=MyTestCA/ -nodes
>>>>
>>>> because as you told me that i need to do it similarly as in the website i skipped the '\' since it wasn't a valid element in openssl.
>>>>
>>>> does that caused the error?
>>>>
>>>> Thanks and Regards,
>>>> Abhijit
>>>>
>>>>
>>>>
>>>> On 8/10/2011 7:38 PM, Alexandru Scvorţov wrote:
>>>>
>>>>
>>>>>> but with no luck, do i need something more.
>>>>>>
>>>>>>
>>>>>>
>>>>> Not that I can think of, no.
>>>>>
>>>>> If you're using OpenSSL 1.0.0, could you try with OpenSSL 0.9.8?
>>>>>
>>>>> Cheers,
>>>>> Alex
>>>>>
>>>>> On Wed, Aug 10, 2011 at 07:24:54PM +0530, Abhijit wrote:
>>>>>
>>>>>
>>>>>
>>>>>> Hi sir,
>>>>>>
>>>>>> i went through all the steps again to make certificates in this link:
>>>>>>
>>>>>>
>>>>>>
>>>>>>> http://www.rabbitmq.com/ssl.html#keys-and-certs
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> but with no luck, do i need something more.
>>>>>>
>>>>>> Thanking you,
>>>>>>
>>>>>> Regards,
>>>>>> Abhijit
>>>>>>
>>>>>>
>>>>>> On 8/10/2011 5:48 PM, Alexandru Scvorţov wrote:
>>>>>>
>>>>>>
>>>>>>
>>>>>>>> The code worked now. the certificate you provided did work
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>> Great to hear that.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>> wondering why
>>>>>>>> my certificates are not working??
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>> I suspect you got some step in the certificate generation wrong (I
>>>>>>> generated the certificates following the instructions on the website).
>>>>>>> It's ridiculously easy to get something wrong.
>>>>>>>
>>>>>>> I'd delete all the certificates, and CA you generated and try again.
>>>>>>> The website instructions are right. You might want to try without
>>>>>>> changing anything (the CA's name, for instance) just to see that it
>>>>>>> works.
>>>>>>>
>>>>>>> You could also try a different version of OpenSSL, but I'd be quite
>>>>>>> surprised if that were the problem.
>>>>>>>
>>>>>>> Let us how it goes.
>>>>>>>
>>>>>>> Cheers,
>>>>>>> Alex
>>>>>>>
>>>>>>>
>>>>>>> On Wed, Aug 10, 2011 at 05:30:42PM +0530, Abhijit wrote:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>> Hi sir,
>>>>>>>>
>>>>>>>> The code worked now. the certificate you provided did work wondering why
>>>>>>>> my certificates are not working??
>>>>>>>>
>>>>>>>> Thanks and Regards,
>>>>>>>> Abhijit
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On 8/10/2011 5:20 PM, Alexandru Scvorţov wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>> :( That seems perfectly fine.
>>>>>>>>>
>>>>>>>>> Other ways to get an "unknown ca" error:
>>>>>>>>> - forget to add the CA certificate to the Trust store;
>>>>>>>>> - have the client use a certificate signed by a different authority
>>>>>>>>> than the one given to the server.
>>>>>>>>>
>>>>>>>>> I'm out of ideas. I'm attaching:
>>>>>>>>> - cacert.pem and cacert.cer;
>>>>>>>>> - keycert.p12 (password is "test");
>>>>>>>>> - server's cert.pem, key.pem.
>>>>>>>>>
>>>>>>>>> You'll also need to set RemoteCertificateNameMismatch before starting the connection:
>>>>>>>>> cf.Ssl.AcceptablePolicyErrors =
>>>>>>>>> SslPolicyErrors.RemoteCertificateNameMismatch;
>>>>>>>>>
>>>>>>>>> Could you please try with these and see if it works (or if you get a
>>>>>>>>> different error)?
>>>>>>>>>
>>>>>>>>> Cheers,
>>>>>>>>> Alex
>>>>>>>>>
>>>>>>>>> On Wed, Aug 10, 2011 at 04:16:18PM +0530, Abhijit wrote:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>> Ok sir thanks,
>>>>>>>>>>
>>>>>>>>>> this is the post for the former command s_client:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>> C:\>openssl s_client -connect localhost:5671 -CAfile testca/cacert.pem
>>>>>>>>>>> -cert cli
>>>>>>>>>>> ent/cert.pem -key client/key.pem -showcerts
>>>>>>>>>>> Loading 'screen' into random state - done
>>>>>>>>>>> CONNECTED(00000160)
>>>>>>>>>>> depth=1 CN = Kiprosh7
>>>>>>>>>>> verify return:1
>>>>>>>>>>> depth=0 CN = Kiprosh7, O = server
>>>>>>>>>>> verify return:1
>>>>>>>>>>> ---
>>>>>>>>>>> Certificate chain
>>>>>>>>>>> 0 s:/CN=Kiprosh7/O=server
>>>>>>>>>>> i:/CN=Kiprosh7
>>>>>>>>>>> -----BEGIN CERTIFICATE-----
>>>>>>>>>>> MIIC4TCCAcmgAwIBAgIBATANBgkqhkiG9w0BAQUFADATMREwDwYDVQQDEwhLaXBy
>>>>>>>>>>> b3NoNzAeFw0xMTA4MTAwODA1NTBaFw0xMjA4MDkwODA1NTBaMCQxETAPBgNVBAMM
>>>>>>>>>>> CEtpcHJvc2g3MQ8wDQYDVQQKDAZzZXJ2ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
>>>>>>>>>>> DwAwggEKAoIBAQDTDgQ3/vSBPvy0PAZYwk4H2qlFckaA75YfCYZ+HhIb+JUSrZ4r
>>>>>>>>>>> NcBEhvrH+7p1yft9IC4pgrgEbjmfQVTi8LGwtMRZmwpbmjqEfOALpra5x7Plb+7y
>>>>>>>>>>> CTT/iDc8uUwHLn2brXxNRn58IrEeD1X+rBxLNyek0pQu/hH31+REI5Sn1JZfi7gc
>>>>>>>>>>> 3PJEuaRzVJY4sE0neNWT+K+aD0n382qnziLEGOusXWNpggpoHVFKZR3Yojxj6Bfk
>>>>>>>>>>> 9lUvfUtIqz2zQ2dF0q6A0QVVlIenKzUK+rjHxQAUSb8P9CmCuRXUih3f61ahquQP
>>>>>>>>>>> CgSrkNnUV44D/wHfnxNm9QjxlQEGyr0DsTcFAgMBAAGjLzAtMAkGA1UdEwQCMAAw
>>>>>>>>>>> CwYDVR0PBAQDAgUgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBBQUA
>>>>>>>>>>> A4IBAQDE+cXjx6uNL/Kf/HmE7FeQ238iN7Gfb+I1QHmbRaR0qbTqcFzp7NCJ62uq
>>>>>>>>>>> nJ6Anj0+h1IFNMlQrCISSS0fnSj+mXMKDodZzV+cXFjdtoEXyqdDO0zphDMTRd8H
>>>>>>>>>>> oI79XSm5IK6vcPR+g2UTkhgrX1xfgeqZ8hmw0L0mMMGHXclwwaAF9HRNomFt32gr
>>>>>>>>>>> 1sVhFkhH/5epmgcl+8yI1E7UaQc91bYkUEuQFNu7irgc+/tvcXa4O4+dIfhnzrog
>>>>>>>>>>> 8piYUk4dxGME8LknQ213Gow9cgEKzcYadJ4DIr6gChkvAnYpHHHafWj/Ksvxyii6
>>>>>>>>>>> 8FxuTfgsrOYwkqEcSXeCGUS25nU9
>>>>>>>>>>> -----END CERTIFICATE-----
>>>>>>>>>>> 1 s:/CN=Kiprosh7
>>>>>>>>>>> i:/CN=Kiprosh7
>>>>>>>>>>> -----BEGIN CERTIFICATE-----
>>>>>>>>>>> MIICxjCCAa6gAwIBAgIJANsNRAs/ueOoMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
>>>>>>>>>>> BAMTCEtpcHJvc2g3MB4XDTExMDgxMDA4MDEzMloXDTEyMDgwOTA4MDEzMlowEzER
>>>>>>>>>>> MA8GA1UEAxMIS2lwcm9zaDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
>>>>>>>>>>> AQDorxS4o/H/w7f+VYWkQk3gS7g7gWFd3S4eCVV35a3GEcyP2OS4pUhhZXyB0lN7
>>>>>>>>>>> xmUHqeixx7aNRnrc130SQ4kke1fuxtdLjKxu+oeASMLCSkF356m8X5FhuTnPkf2W
>>>>>>>>>>> x64i6nk9SOO+jdQo/kMChy0H7psKS5I2M0nb5WLxN/JOACNnxJOhFy8cGw7l32q6
>>>>>>>>>>> rEfqLkdnZJR09fiuf0hEbb/UodOt2tXXGN0Pp3X2x4cXnD6E2Va9QSBYIvPAnWEn
>>>>>>>>>>> FN2Te+Qwg+AxwHIkCjH9bfQ7fOeuGHAoanSnlqS5rW/T5sKKlkBl95WeJoTFjrCt
>>>>>>>>>>> CVDLilsnLrfmZkg3ICQtPbgNAgMBAAGjHTAbMAwGA1UdEwQFMAMBAf8wCwYDVR0P
>>>>>>>>>>> BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBGtbJQyQ1pWVo+7snqxCOn/KVN++Jo
>>>>>>>>>>> 8YEB4/MGKgHyoTWRAa3IXOSPtpunW/6yDziwcLZeO09MATeKCCAJf64LXZr7aM6J
>>>>>>>>>>> ZX6hFFNUyqa5w9AaZ4sAe70QwDYPS6dPqcyTab/DVVRGhJAKhUc2lX+UfcBhHYaz
>>>>>>>>>>> egKDKyIybHMmcQQm//SO0jo3Ak0565ZAMCdaaO/9RNJpJSxJf+HSVUg4sPLe/sAK
>>>>>>>>>>> QlXcdt8XlKsEKBzUHzfRvpbU/8gn1HO5G+CTvEW2kO6nssuKX41g5hMfRqu248TT
>>>>>>>>>>> jbGWMkYFMPDY1m2QWPqzLvaETGOWHwqpVWXuMhu7/T5sduDf2n084ok7
>>>>>>>>>>> -----END CERTIFICATE-----
>>>>>>>>>>> ---
>>>>>>>>>>> Server certificate
>>>>>>>>>>> subject=/CN=Kiprosh7/O=server
>>>>>>>>>>> issuer=/CN=Kiprosh7
>>>>>>>>>>> ---
>>>>>>>>>>> Acceptable client certificate CA names
>>>>>>>>>>> /CN=Kiprosh7
>>>>>>>>>>> ---
>>>>>>>>>>> SSL handshake has read 1663 bytes and written 2276 bytes
>>>>>>>>>>> ---
>>>>>>>>>>> New, TLSv1/SSLv3, Cipher is AES256-SHA
>>>>>>>>>>> Server public key is 2048 bit
>>>>>>>>>>> Secure Renegotiation IS supported
>>>>>>>>>>> Compression: NONE
>>>>>>>>>>> Expansion: NONE
>>>>>>>>>>> SSL-Session:
>>>>>>>>>>> Protocol : TLSv1
>>>>>>>>>>> Cipher : AES256-SHA
>>>>>>>>>>> Session-ID:
>>>>>>>>>>> 8703D018C270CC932648333F61FE3C986CB336B7C8074ACF3560E415934E26F2
>>>>>>>>>>>
>>>>>>>>>>> Session-ID-ctx:
>>>>>>>>>>> Master-Key:
>>>>>>>>>>> F5B8C5666355EE6C78910EBB649A65740104537ACEBB28E4A23DF51EA5DE9E6A
>>>>>>>>>>> FE3AC2C95B1929985DAFC09CDC6BDEAE
>>>>>>>>>>> Key-Arg : None
>>>>>>>>>>> PSK identity: None
>>>>>>>>>>> PSK identity hint: None
>>>>>>>>>>> Start Time: 1312972974
>>>>>>>>>>> Timeout : 300 (sec)
>>>>>>>>>>> Verify return code: 0 (ok)
>>>>>>>>>>> ---
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>> Thanks and Regards,
>>>>>>>>>> Abhijit
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 8/10/2011 4:10 PM, Alexandru Scvorţov wrote:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>>>> AMQP server protocol negotiation failure: server version
>>>>>>>>>>>>> unknown-unknown, client version 0-9
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>> That means the client connected successfully but closed the connection
>>>>>>>>>>> later because it wasn't talking to an AMQP server.
>>>>>>>>>>>
>>>>>>>>>>> That means that the client and certificates are fine, so the problem is
>>>>>>>>>>> configuring the server.
>>>>>>>>>>>
>>>>>>>>>>> When you try the other command (the openssl s_client) on the server,
>>>>>>>>>>> what output do you get? Could you please post it?
>>>>>>>>>>>
>>>>>>>>>>> Alex
>>>>>>>>>>>
>>>>>>>>>>> On Wed, Aug 10, 2011 at 04:00:26PM +0530, Abhijit wrote:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>> yes sir
>>>>>>>>>>>> no problem i thought so after looking at client cmd lines i did put
>>>>>>>>>>>> slash instead of dot, and now am getting this errors:
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>> AMQP server protocol negotiation failure: server version
>>>>>>>>>>>>> unknown-unknown, client version 0-9
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>> Can you tell me what are next steps?
>>>>>>>>>>>>
>>>>>>>>>>>> Thanks and Regards,
>>>>>>>>>>>> Abhijit
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> On 8/10/2011 3:57 PM, Alexandru Scvorţov wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>>> Am still getting the same error am using the same config file.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>> Ok, but are you sure it's actually the file used by the server? (we had
>>>>>>>>>>>>> some problems earlier about which file the server was using when started
>>>>>>>>>>>>> from the command prompt or as a service)
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>>> openssl s_server -accept 5671 -CAfile testca/cacert.pem -cert
>>>>>>>>>>>>>>> server/cert.pem -key server.key.pem -state
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>> My mistake. That should be:
>>>>>>>>>>>>> openssl s_server -accept 5671 -CAfile testca/cacert.pem -cert
>>>>>>>>>>>>> server/cert.pem -key server/key.pem -state
>>>>>>>>>>>>>
>>>>>>>>>>>>> (dot instead of slash in server.key.pem)
>>>>>>>>>>>>>
>>>>>>>>>>>>> BTW, if they're disposable, could you send the certificates and keys?
>>>>>>>>>>>>> We've had problems before with the certificates generated by OpenSSL,
>>>>>>>>>>>>> which were usually solved by using a different version. Maybe this is
>>>>>>>>>>>>> happening here.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Cheers,
>>>>>>>>>>>>> Alex
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Wed, Aug 10, 2011 at 03:46:39PM +0530, Abhijit wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>> hi sir,
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Am still getting the same error am using the same config file.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> But i was not able to run this command you sent me:
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> openssl s_server -accept 5671 -CAfile testca/cacert.pem -cert
>>>>>>>>>>>>>>> server/cert.pem -key server.key.pem -state
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>> was getting an error: unable to load server certificate private key file.
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Thanks and Regards,
>>>>>>>>>>>>>> Abhijit
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>
>>>>>>
>>>>
>>>>
>>
>
>> -----BEGIN RSA PRIVATE KEY-----
>> MIIEpAIBAAKCAQEAxt0TpBEhXsGZpQ5Uo5G/BJIgEAvHJti7g/zcsIZXYLv7dwj2
>> pgvFcDBDC2UDRxFu8ZRBu2oPqhr/kXA/2KoW1g9Y5fG9LYFVNjKvw7Vr61d9zbNp
>> 8kIF5zyGBxhZGL7AXpltIGaf7VRy/pwz8hhe0Nq4h12jQi7tfJusiUt9wz3a0f3H
>> 98KtXkEmhydKgFrHkunBEOeSGzajOPnubRSyIpi9CCvS79by8UXZk5FVVQee+Rcu
>> B0L8HjO+cFkcuFAH3si3wWymouaEDpWY1n0x2QZA0//FypsY1uBFr84cF6sUHIMI
>> jdUgD7Bo2phqTcvlsttRuHiSr5C2+GRQo2EelQIDAQABAoIBAC+RGe2Ym17K+DFe
>> 6Cfn6MTzHvA3oP9NwCymAzPGLohY7qFeZ4D4N9XJ9X94Pfx10w+94qsth2ms44yq
>> SNtOc//n09/Mnu+PjA5WuWwarSGx38mgLKth13+kHnr7+/PLTMBT+qJRadee55K3
>> UkWKRsO2TYUzhKWEDBJOOkrs37wfVx4mDs2X3UxjGSUgdvxw/xAfRZ+cn6Svf42t
>> L1+4a7DOinAIlUh/NdRF2XVkf7skjCJu7vOO6i5ky++xxo5LK36kjb/PMDMEOA8d
>> d36nGStSON8ltvZO90Y/WvF09hw3cI/qZ2wugdxYaAIkVbN5Aw6UHGTikPn8qcn+
>> DF3I29ECgYEA92L1hUOY5ziU9clDhHbpLrlIyNREYrsFO0yMqE2t4OaAnURszjUD
>> 1tqP7nNoq8qRxkfjtqxTsACjEj9WfqP0lQWEb8Emt9jg6Z2Uf6MGTXh+ijeMGPMR
>> LidpCwP39F6bv7DEm3h+EwJVK0Rhb+mKgvhReM4nr28X892v26gP9jcCgYEAzcmd
>> o2Mejnzv+G4J/E4p4XiFX/zYgCieCKnqi73xgdj2j31o1hJZYBkh/9hnBvVS6RrX
>> 3G8ngwfUTxk0bAqH1sNRRiqFjpkWmjDl0PO7e+LsokX80Y2P1dPfdwQnje8Od8Vi
>> M33j6zvURyXJ5EAWbWIKKHZR1k8TxtmD8u1Aq5MCgYEAttDDnbLBmQWgVy5fndF+
>> KtAz8G2lB80rZZIBVBLrjwroOtApFA3rg2hK+y0ASgvNxFi19/XLdoJSABccZUPm
>> aAYGw8taQHyeYSXZaqVf7/o+kQfRmVJu/MuU/dX18/nCYVtRP49Ao+2SYQIMe3Z7
>> rKOzGXJHs4aGjeninpHJEesCgYBzwcKzwrDQlATkqPli/JDgbMwRt4gNZ0umMfZm
>> jv0H/oSLKI9NQ9sUjG6snQ0vQ9ZUm63rKHeAZGoP6Gytjarlqs7P+mFQWlr1dyX/
>> SOsggAB+M4JIWiobrOfZ6fNaCqwHwXdA4cLQcsIxF1ee1lIHS4vNQOk99RN52qc3
>> gi/LkwKBgQCxwgAeINI2r1EFDC+k+hJ7Od4TkrZk7TvsgvwpnxQHkJpkYqAFjT4Z
>> DXswdo+4gN70oN2fkrXGypIo/r+G20AI8VlBy91eIV1YI5GFGOs2q5by0+7UHV8h
>> RVQeKHXsz5/hpSeF4wdJox1kqgySeluCA/mMt9i+jAyPz1xwK8U+aw==
>> -----END RSA PRIVATE KEY-----
>>
>
>
>
>> -----BEGIN CERTIFICATE-----
>> MIICxjCCAa6gAwIBAgIJALgBaefnAA8iMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
>> BAMTCE15VGVzdENBMB4XDTExMDgxMTA3MTEyMFoXDTEyMDgxMDA3MTEyMFowEzER
>> MA8GA1UEAxMITXlUZXN0Q0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
>> AQDjrWFlQ6QBss2DVe6xiCmzyYbSm1zAu9gVwDWvrvkK3cSQ2Y9iA+IKQUXhmmq2
>> EJHwLpapjG/6ZucWrIWEX+53vkSpGdia9hTsbxxOFueP8SaYM96/K3/cEV/JtSIO
>> ylEwVTlwuuNvAfrnG8srgDtFuXYoFRKWMoLsd68kNAyTCJWWoYqe71V5poY+c2Zv
>> rLofRwWcz7wRnEcvw5bj3eIl9jURMmGTHtSQMVEskokvuAm2xfNBXrgsdw04SDH6
>> m8x5rXgvEu8wHUNCPx/4a8qcYGFLnTov5d8O0Bs3GLfhR7sYeTZt4L2BrTLuPUZ9
>> cXCAQ+PmJUgYgytmjIbwDDAXAgMBAAGjHTAbMAwGA1UdEwQFMAMBAf8wCwYDVR0P
>> BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBJL8UchryKVyoKtpkkVJd7O2PJO6Yh
>> 21kq75Y+gvJ5iCxF9fVqOpNYerFFt+KR1uxAuHglse7DBJDmfplpvQ/FlmJonztP
>> qeXfFKSiN4CRIHzCvrZOxX/CHTtnzjJ5ArmrTk71f9gkmeKhoZ1mhgHIqFMPjxhT
>> u+5vK6S0TjcqyEeYnt6o794rz/sVLWOaDrGWxe2mZBq7wGajQq6xauyXWUovPWg8
>> 1QNBDcpJb6BNrupK2AFONYI6BPpdMnl6m+PqwYXD3oZakMnNLoQLSYE8wD3ZQkTO
>> V2upmgchnKN+qpfHHUGmilikc6FIUhcfSRGvTx63r1CvOFYPwGvJVoOL
>> -----END CERTIFICATE-----
>>
>
>> -----BEGIN CERTIFICATE-----
>> MIIC4DCCAcigAwIBAgIBATANBgkqhkiG9w0BAQUFADATMREwDwYDVQQDEwhNeVRl
>> c3RDQTAeFw0xMTA4MTEwNzEzNTBaFw0xMjA4MTAwNzEzNTBaMCMxEDAOBgNVBAMT
>> B2FiaGlqaXQxDzANBgNVBAoTBnNlcnZlcjCCASIwDQYJKoZIhvcNAQEBBQADggEP
>> ADCCAQoCggEBAMbdE6QRIV7BmaUOVKORvwSSIBALxybYu4P83LCGV2C7+3cI9qYL
>> xXAwQwtlA0cRbvGUQbtqD6oa/5FwP9iqFtYPWOXxvS2BVTYyr8O1a+tXfc2zafJC
>> Bec8hgcYWRi+wF6ZbSBmn+1Ucv6cM/IYXtDauIddo0Iu7XybrIlLfcM92tH9x/fC
>> rV5BJocnSoBax5LpwRDnkhs2ozj57m0UsiKYvQgr0u/W8vFF2ZORVVUHnvkXLgdC
>> /B4zvnBZHLhQB97It8FspqLmhA6VmNZ9MdkGQNP/xcqbGNbgRa/OHBerFByDCI3V
>> IA+waNqYak3L5bLbUbh4kq+QtvhkUKNhHpUCAwEAAaMvMC0wCQYDVR0TBAIwADAL
>> BgNVHQ8EBAMCBSAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJKoZIhvcNAQEFBQAD
>> ggEBALl7ostKoOKqa8ytOX8qsf7kxvW7Mw66NdRS7sBlM+jVaZHjCwxIAGe/QaGL
>> c5P+aQx7lCFBSXPDD6sWsI59R8MSQTS0TJ8Ek4dB6Y8R6wRLtVCLGXLIeaNqP8BX
>> lGb2Za42VV5O0iaDcyh+DGhZ77lJKOMZS/y6UzyqR8Q5oSNM/J8BvMr6eDHae31P
>> Of2lRJAT2O3DdRqZjpVSrsNFLKM7GAeOctjVoPhNJuUTSCmW6lEtkC1ixDseoZIe
>> o2Pz4kzSf66pgxM0IGKl5OeqGMht7SonhDS8Fda2fRITvgf+ZunD4Yw8ueoZnxQO
>> rum0HrvwARjNTMA3lzrmagZntxk=
>> -----END CERTIFICATE-----
>>
>
More information about the rabbitmq-discuss
mailing list