[rabbitmq-discuss] SSL client error using 2.3.1

Rachmad Dony Rudiyantoro donal.lhooo at gmail.com
Mon Mar 7 09:56:07 GMT 2011


Hallo,

I have a problem with RabbitMQ using SSL. I can use SSL over a local
network or 'localhost'. But I can not use it through the Internet.
Here is a log from Rabbitmq Server:

=INFO REPORT==== 7-Mar-2011::13:35:00 ===
starting TCP connection <0.389.0> from 222.124.46.13:21522

=ERROR REPORT==== 7-Mar-2011::13:35:05 ===
error on TCP connection <0.389.0>:{ssl_upgrade_error,timeout}

=INFO REPORT==== 7-Mar-2011::13:35:05 ===
closing TCP connection <0.389.0>


and log from Java client :

javax.net.ssl.SSLHandshakeException: Remote host closed connection
during handshake
       at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:837)
       at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1158)
       at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:652)
       at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:78)
       at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
       at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
       at java.io.DataOutputStream.flush(DataOutputStream.java:123)
       at com.rabbitmq.client.impl.SocketFrameHandler.sendHeader(SocketFrameHandler.java:117)
       at com.rabbitmq.client.impl.SocketFrameHandler.sendHeader(SocketFrameHandler.java:130)
       at com.rabbitmq.client.impl.AMQConnection.start(AMQConnection.java:235)
       at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:383)
       at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:403)
       at ExampleWithSSL.main(ExampleWithSSL.java:59)
Caused by: java.io.EOFException: SSL peer shut down incorrectly
       at sun.security.ssl.InputRecord.read(InputRecord.java:352)
       at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:818)


My SSL configuration is as follows:

[
 {rabbit, [
    {ssl_listeners, [{"0.0.0.0",5671}]},
    {ssl_options, [{cacertfile,"/opt/ssl/demoCA/cacert.pem"},
                   {certfile,"/opt/ssl/server/cert.pem"},
                   {keyfile,"/opt/ssl/server/key.pem"},
                   {verify,verify_peer},
                   {fail_if_no_peer_cert,false}]}
  ]}
].


I am using RabbitMQ 2.3.1 and Erlang R14B01.


Thanks,

Rachmad Doni R.


More information about the rabbitmq-discuss mailing list