[rabbitmq-discuss] Rabbitmq 2.5.0 and rabbitmq-stomp plugin + certificate authentication

Massimo Paladin Massimo.Paladin at cern.ch
Wed Jun 15 16:34:36 BST 2011 

Hello,

I am looking at rabbitmq 2.5.0 and the stomp plugin.

I am able to connect through ssl with plain authentication but not with ssl
and certificate authentication.

Is certificate authentication supported in this version of stomp plugin?

What I get in the log is (using stomp 1.0 for this example):

=INFO REPORT==== 15-Jun-2011::17:17:35 ===
accepted TCP connection on 0.0.0.0:xxxxx from x.x.x.x:48014

=INFO REPORT==== 15-Jun-2011::17:17:35 ===
upgraded TCP connection <0.231.0> to SSL

=INFO REPORT==== 15-Jun-2011::17:17:35 ===
starting STOMP connection <0.1585.0> from x.x.x.x:48014

=ERROR REPORT==== 15-Jun-2011::17:17:35 ===
STOMP error frame sent:
Message: "Bad CONNECT"
Detail: "Missing login or passcode header(s)\n"
Server private detail: none

=INFO REPORT==== 15-Jun-2011::17:17:35 ===
Socket {ssl_socket,#Port<0.5884>,{sslsocket,new_ssl,<0.1581.0>}} closed by
client

=INFO REPORT==== 15-Jun-2011::17:17:35 ===
ending STOMP connection <0.1585.0> from x.x.x.x:48014

It still looks for login and passcode...

The config part related to ssl and authentication is:
    {rabbit, [ {auth_mechanisms, ['PLAIN', 'AMQPLAIN', 'EXTERNAL']},
               {tcp_listeners, [xxxxx]},
               {ssl_listeners, [xxxxx]},
               {ssl_options, [
                    {cacertfile,"/path/to/cacert.pem"},
                    {certfile,"/path/to/hostcert.pem"},
                    {keyfile,"/path/to/hostkey.pem"},
                    {verify,verify_peer},
                    {fail_if_no_peer_cert,true}]}
    ] }
and for stomp I have:
    {rabbitmq_stomp, [{tcp_listeners, [xxxxx]},
                      {ssl_listeners, [xxxxx]}]}

Of course I have enabled rabbitmq_auth_mechanism_ssl:
Status of node 'rabbitmq-dev at devhost001' ...
[{pid,30594},
 {running_applications,
     [{rabbitmq_auth_mechanism_ssl,
          "RabbitMQ SSL authentication (SASL EXTERNAL)","2.5.0"},
      {rabbitmq_management,"RabbitMQ Management Console","2.5.0"},
      {webmachine,"webmachine","1.7.0-rmq2.5.0-hg0c4b60a"},
      {rabbitmq_management_agent,"RabbitMQ Management Agent","2.5.0"},
      {amqp_client,"RabbitMQ AMQP Client","2.5.0"},
      {rabbitmq_mochiweb,"RabbitMQ Mochiweb Embedding","2.5.0"},
      {mochiweb,"MochiMedia Web Server","1.3-rmq2.5.0-git9a53dbd"},
      {inets,"INETS  CXC 138 49","5.5.2"},
      {rabbitmq_stomp,"Embedded Rabbit Stomp Adapter","2.5.0"},
      {rabbit,"RabbitMQ","2.5.0"},
      {ssl,"Erlang/OTP SSL application","4.1.4"},
      {public_key,"Public key infrastructure","0.11"},
      {crypto,"CRYPTO version 2","2.0.2.1"},
      {mnesia,"MNESIA  CXC 138 12","4.4.17"},
      {os_mon,"CPO  CXC 138 46","2.2.5"},
      {sasl,"SASL  CXC 138 11","2.1.9.3"},
      {stdlib,"ERTS  CXC 138 10","1.17.3"},
      {kernel,"ERTS  CXC 138 10","2.14.3"}]},
.......


Regards,
---
Massimo Paladin

email: massimo.paladin at gmail.com
website: http://www.mpaladin.com
flickr's page: http://flickr.com/photos/massimop
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20110615/092e67ed/attachment.htm>

More information about the rabbitmq-discuss mailing list