[rabbitmq-discuss] New RabbitMQ 3.3.0 Web_stomp SSL problems
Sebastien Dubois
dubois.sebastien66 at gmail.com
Fri Apr 25 22:34:22 BST 2014
Hi all,
Up to recently we've been using RabbitMQ 3.2.3/Erlang R15B01 with the
web_Stomp plugin over SSL. Since this was not supported, we had to rebuilt
the web_stomp plugin using a patched branch as described
at https://gist.github.com/berico-rclayton/5475365 (also
see https://github.com/rabbitmq/rabbitmq-web-stomp/pull/3). This has been
working fine for months.
We recently realized that the fix for SSL support in web_stomp was
systemized in RabbitMQ 3.3.0/Erlang R16B03. So we installed it and updated
our configuration. However, using the exact same setup and self-signed
keys/certificates, we cannot get the new version to work properly while
using SSL over stomp. Connecting to https://<rabbit server IP>:15678/stomp
just fails, although from the log web_stomp seems to be listening correctly
on port 15678. We tried to regenerate a new set of keys, but it did not do
anything.
Our old rabbitMQ config (patched 3.2.3 web_stomp) was:
{rabbitmq_web_stomp, [
{ssl_enabled, true},
{https_port, 15678},
{ssl_key_file, "/usr/local/ssl/private/server.key"},
{ssl_key_password, "password"},
{ssl_ca_certificate_file, "/usr/local/ssl/crt/public.crt"},
{ssl_certificate_file, "/usr/local/ssl/crt/public.crt"}
] },
And the corresponding new config on RabbitMQ 3.3.0 is
{rabbitmq_web_stomp,
[{ssl_config, [{port, 15678},
{backlog, 1024},
{certfile, "/usr/local/ssl/crt/public.crt"},
{keyfile, "/usr/local/ssl/private/server.key"},
{cacertfile, "/usr/local/ssl/crt/public.crt"},
{password, "password"}
]}
]},
Is our config ok? does anybody experienced similar problems or have any
idea what we could be doing wrong?
Thanks in advance,
/Sebas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20140425/bd415a65/attachment.html>
More information about the rabbitmq-discuss
mailing list