[rabbitmq-discuss] rabbit_stomp_reader ssl_upgrade_error

Antony Mayi antonymayi at yahoo.com
Thu Nov 14 02:28:36 GMT 2013


Trying to setup rabbit stomp with SSL using existing certificate but keep getting errors. I am using Erlang R14B and RabbitMQ 3.1.5.

My rabbit config is following:
  {rabbitmq_stomp, [
     {ssl_listeners, [61614]},
     {ssl_options, [{cacertfile,"/tmp/ssl/certs/ca.pem"},


When doing basic connection test using openssl s_client I get following:
openssl s_client -connect localhost:61614 -cert /tmp/ssl/certs/hostA.pem -key /tmp/ssl/private_keys/hostA.pem -CAfile /tmp/ssl/certs/ca.pem

139852982814536:error:14094438:SSL routines:SSL3_READ_BYTES:tlsv1 alert internal error:s3_pkt.c:1197:SSL alert number 80
139852982814536:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:184:
no peer certificate available
No client certificate CA names sent

Rabbit log shows following error:
=CRASH REPORT==== 14-Nov-2013::02:09:18 ===
    initial call: rabbit_stomp_reader:init/2
    pid: <0.328.0>
    registered_name: []
    exception error: no match of right hand side value 
                     {error,{ssl_upgrade_error,"internal error"}}
      in function  rabbit_stomp_reader:init/2
    ancestors: [<0.327.0>,rabbit_stomp_client_sup_sup,rabbit_stomp_sup,
    messages: []
    links: [<0.327.0>]
    dictionary: []
    trap_exit: false
    status: running
    heap_size: 377
    stack_size: 24
    reductions: 852

Note the certificates are correct/valid and I am perfectly able to establish SSL connection with them using openssl s_server + s_client.

Any idea what's wrong?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20131114/6d3c3f26/attachment.htm>

More information about the rabbitmq-discuss mailing list