[rabbitmq-discuss] SSL between cluster hosts supported ?
Charles
cshtreck at yahoo.com
Thu Feb 16 22:17:29 GMT 2012
Furthermore ,I was able to run through the example over here http://www.erlang.org/doc/apps/ssl/ssl_distribution.html
and I was able to start a erl session without the Protocol: ~p: not supported~n",["inet_tls"]
error using :
erl -boot ./test_ssl -proto_dist inet_tls -sname test_ssl -ssl_dist_opt server_certfile "mycert.pem" -ssl_dist_opt server_secure_renegotiate true client_secure_renegotiate true
When I attempted to test using openssl via the below command I got the below error and crash reports ... what am I doing wrong ?
openssl s_client -connect localhost:portnumber
=ERROR REPORT==== 16-Feb-2012::17:11:58 ===
SSL: 1093: error:[] mycert.pem
[{ssl_connection,init_private_key,5,
[{file,"ssl_connection.erl"},{line,1085}]},
{ssl_connection,ssl_init,2,[{file,"ssl_connection.erl"},{line,1027}]},
{ssl_connection,init,1,[{file,"ssl_connection.erl"},{line,305}]},
{gen_fsm,init_it,6,[{file,"gen_fsm.erl"},{line,343}]},
{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,227}]}]
=CRASH REPORT==== 16-Feb-2012::17:11:58 ===
crasher:
initial call: ssl_connection:init/1
pid: <0.68.0>
registered_name: []
exception exit: ekeyfile
in function gen_fsm:init_it/6 (gen_fsm.erl, line 353)
ancestors: [ssl_connection_sup_dist,ssl_dist_sup,net_sup,kernel_sup,
<0.9.0>]
messages: []
links: [<0.20.0>]
dictionary: [{ssl_manager,ssl_manager_dist}]
trap_exit: false
status: running
heap_size: 2584
stack_size: 24
reductions: 1937
neighbours:
=SUPERVISOR REPORT==== 16-Feb-2012::17:11:58 ===
Supervisor: {local,ssl_connection_sup_dist}
Context: child_terminated
Reason: ekeyfile
Offender: [{pid,<0.68.0>},
{name,undefined},
{mfargs,{ssl_connection,start_link,undefined}},
{restart_type,temporary},
{shutdown,4000},
{child_type,worker}]
----- Original Message -----
From: Charles <cshtreck at yahoo.com>
To:
Cc: "rabbitmq-discuss at lists.rabbitmq.com" <rabbitmq-discuss at lists.rabbitmq.com>
Sent: Thursday, February 16, 2012 5:03 PM
Subject: Re: [rabbitmq-discuss] SSL between cluster hosts supported ?
Emile,
Thanks for the info. I see ssl now ...
rabbitmqctl report | grep ssl
...
{ssl,"Erlang/OTP SSL application","5.0"}
...
However, rabbit crashes on startup with a
error_logger,{{2012,2,16},{16,55,24}},"Protocol: ~p: not supported~n",["inet_tls"]}
when I add -proto_dist inet_tls to the erl command line options in the rabbitmq-server startup script .
Thoughts ?
----- Original Message -----
From: Emile Joubert <emile at rabbitmq.com>
To: Mark Steele <msteele at beringmedia.com>
Cc: "rabbitmq-discuss at lists.rabbitmq.com" <rabbitmq-discuss at lists.rabbitmq.com>
Sent: Thursday, February 16, 2012 10:41 AM
Subject: Re: [rabbitmq-discuss] SSL between cluster hosts supported ?
Hi Mark,
On 15/02/12 20:06, Mark Steele wrote:
> Would be awesome if someone were to put up an example on the rabbitmq
> website with a how-to on getting that up and running, someone with both
> rabbit and erlang experience.... :)
The newest version of Erlang has support for encrypted node
communication built in. For more information see
http://www.erlang.org/doc/apps/ssl/ssl_distribution.html
You will need to modify the startup scripts or supply SSL arguments in
the rabbitmq.config file. You will also need to add "ssl" to the list of
applications in ebin/rabbit_app.in .
-Emile
_______________________________________________
rabbitmq-discuss mailing list
rabbitmq-discuss at lists.rabbitmq.com
https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss
_______________________________________________
rabbitmq-discuss mailing list
rabbitmq-discuss at lists.rabbitmq.com
https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss
More information about the rabbitmq-discuss
mailing list