[rabbitmq-discuss] RabbitMQ-C SSL support
Alan Antonuk
alan.antonuk at gmail.com
Fri Apr 26 08:33:58 BST 2013
By default rabbitmq-c verifies that the hostname you're connecting to
matches that of the CN on the SSL certificate of the host you're connecting
to.
When you specified the <Server> in amqp_listen does it match what you
specified when you created the server certificate?
On Fri, Apr 26, 2013 at 12:10 AM, Lothe_Shashank <
Lothe_Shashank at mahindrasatyam.com> wrote:
> Hi,
>
> I downloaded Rabbitmq--c-master from
> https://github.com/alanxz/rabbitmq-c/tree/ssl. I understand that this
> package supports SSL functionalities for rabbitmq-c. I were able to compile
> and install this package and examples provided in it.
>
> Steps I followed on server side:
> step - 1.Created own CA and generated the key
> * For creating CA I followed this link http://www.rabbitmq.com/ssl.html
> step-2:Next I created our own rabbitmq.config at /etc/rabbitmq .
> [
> {rabbit, [
> {ssl_listeners, [5672]},
> {ssl_options, [{cacertfile,"/path/to/testca/cacert.pem"},
> {certfile,"/path/to/server/cert.pem"},
> {keyfile,"/path/to/server/key.pem"},
> {verify,verify_peer},
> {fail_if_no_peer_cert,false}]}
> ]}
> ].
>
> step-3: Then I executed the program using following command
> ./amqps_listen <Server> 5672 amq.direct AAA "/<PATH_TO>/cacert.pem"
> "<PATH_TO/key.pem" "<PATH_TO/cert.pem"
>
> amqp_socket_open is failing with following message displayed on console:
> opening SSL/TLS connection
>
> I disabled firewall on server [sudo ufw disable] but still the same error.
> Kindly suggest.
>
> Thanks and regards,
> Shashank
>
> ------------------------------
>
> DISCLAIMER:
> This email (including any attachments) is intended for the sole use of the
> intended recipient/s and may contain material that is CONFIDENTIAL AND
> PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or
> distribution or forwarding of any or all of the contents in this message is
> STRICTLY PROHIBITED. If you are not the intended recipient, please contact
> the sender by email and delete all copies; your cooperation in this regard
> is appreciated.
>
> _______________________________________________
> rabbitmq-discuss mailing list
> rabbitmq-discuss at lists.rabbitmq.com
> https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20130426/7fc9bc0d/attachment.htm>
More information about the rabbitmq-discuss
mailing list