[rabbitmq-discuss] Issues with RabbitMQ, SSL and .NET

• Previous message: [rabbitmq-discuss] Is there a formal AMQP compliance test suite (for developers of client libraries)?
• Next message: [rabbitmq-discuss] Issues with RabbitMQ, SSL and .NET
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Alex.
I follow and read through the thread carefully because I ran into almost 
exactly the same problem when trying to use SSL to authenticate my .NET 
client. Both broker and client sit on the same machine. The only advertised 
working example 
in http://blog.johnruiz.com/2011/12/establishing-ssl-connection-to-rabbitmq.html 
does not work for me for some reason. 

So I follow all the suggested route and start up s_server and ran my .net 
client to it as suggested. this is what I got:
openssl s_server -accept 5671 -cert SSLserver/cert.pem -key 
SSLserver/key.pem \
>   -CAfile SSLCA/cacert.pem
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT
-----BEGIN SSL SESSION PARAMETERS-----
MHUCAQECAgMABAIABQQg2uALybqAbk6tXfkSN/Pypg4kqeosku2CdlyFiQj9gGcE
MI0tXD4TyV/YWyqUB8gTnOc/Scx3hLJYG1dxGbDalzDg/Vz9BOSGBqfkvCYAERLq
CKEGAgRTIvxuogQCAgEspAYEBAEAAAA=
-----END SSL SESSION PARAMETERS-----
Shared ciphers:RC4-SHA:DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:RC4-MD5
CIPHER is RC4-SHA
Secure Renegotiation IS supported
AMQP    ERROR
shutting down SSL
CONNECTION CLOSED
ACCEPT

and the .NET errors displays:


None of the specified endpoints were reachable
Endpoints attempted:
------------------------------------------------
endpoint=amqp-0-9://MM181938-PC:5671, attempts=1
RabbitMQ.Client.Exceptions.ProtocolVersionMismatchException: AMQP server 
protoc
l negotiation failure: server version unknown-unknown, client version 0-9
   at RabbitMQ.Client.Impl.ConnectionBase.StartAndTune()
   at RabbitMQ.Client.Framing.Impl.v0_9_1.Connection.Open(Boolean insist)
   at RabbitMQ.Client.Impl.ConnectionBase..ctor(ConnectionFactory factory, 
Bool
an insist, IFrameHandler frameHandler)
   at 
RabbitMQ.Client.Framing.Impl.v0_9_1.Connection..ctor(ConnectionFactory fa
tory, Boolean insist, IFrameHandler frameHandler)
   at 
RabbitMQ.Client.Framing.Impl.v0_9_1.ProtocolBase.CreateConnection(Connect
onFactory factory, Boolean insist, IFrameHandler frameHandler)
   at RabbitMQ.Client.ConnectionFactory.FollowRedirectChain(Int32 
maxRedirects,
IDictionary`2 connectionAttempts, IDictionary`2 connectionErrors, 
AmqpTcpEndpoi
t[]& mostRecentKnownHosts, AmqpTcpEndpoint endpoint)
================================================
Stack trace:
   at RabbitMQ.Client.ConnectionFactory.CreateConnection(Int32 maxRedirects)
   at RabbitMQ.Client.ConnectionFactory.CreateConnection()
   at RabbitSslTest.Program.Start() in c:\Users\meng\Documents\Visual 
Studio 20
2\Projects\testCert\testCert\Program.cs:line 59


please help.
Yours, 
yoda


On Monday, 12 September 2011 12:22:33 UTC-4, Alexandru Scvorţov wrote:
>
> > As I said before we tried CN=server-PC for our certs
> > and added "server-PC 10.35.110.167" to hosts file on our windows machine.
>
> Ok.
>
> > And when we check we still get "bad gethostbyaddr" from openssl s_server
> > also .net client crashes,
> > and problem continues...
>
> Turns out that's because the client's IP isn't in the server's hosts
> file.  Should be harmless and works fine without that.
>
> The output from s_client is perfectly fine and shows that the .NET can
> connect to the server machine via SSL.
>
> Is there any chance you could try running your .NET program from a 
> different
> machine?  In particular, could you run under Mono on the same machine as
> the broker?
>
> Please reply to this message and don't start a new thread.
>
> Cheers,
> Alex
>
> On Mon, Sep 12, 2011 at 05:25:47PM +0200, Umut Sahin wrote:
> > As I said before we tried CN=server-PC for our certs
> > and added "server-PC 10.35.110.167" to hosts file on our windows machine.
> > 
> > And when we check we still get "bad gethostbyaddr" from openssl s_server
> > also .net client crashes,
> > and problem continues...
> > 
> > Regards,
> > Umut
> > 
> > 
> > _______________________________________________
> > rabbitmq-discuss mailing list
> > rabbitmq... at lists.rabbitmq.com <javascript:>
> > https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss
> _______________________________________________
> rabbitmq-discuss mailing list
> rabbitmq... at lists.rabbitmq.com <javascript:>
> https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20140314/99f8278e/attachment.html>

• Previous message: [rabbitmq-discuss] Is there a formal AMQP compliance test suite (for developers of client libraries)?
• Next message: [rabbitmq-discuss] Issues with RabbitMQ, SSL and .NET
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]