Hi,<div><br></div><div>I'm experiencing RabbitMQ server faults when connecting over SSL following an upgrade to server version 2.3.1. I have previously had this working fine using version 2.2.0, if I downgrade my server to this version the SSL starts working again using the same configuration and client program.</div>
<div><br></div><div>When I try to make an SSL connection, I see the following in the server logs:</div><div><br></div><div><div>=INFO REPORT==== 5-Feb-2011::11:29:01 ===</div><div>accepted TCP connection on <a href="http://0.0.0.0:5671">0.0.0.0:5671</a> from <a href="http://127.0.0.1:33683">127.0.0.1:33683</a></div>
<div><br></div><div>=INFO REPORT==== 5-Feb-2011::11:29:01 ===</div><div>starting TCP connection <0.1043.0> from <a href="http://127.0.0.1:33683">127.0.0.1:33683</a></div><div><br></div><div>=INFO REPORT==== 5-Feb-2011::11:29:01 ===</div>
<div>upgraded TCP connection <0.1043.0> to SSL</div><div><br></div><div>=ERROR REPORT==== 5-Feb-2011::11:29:05 ===</div><div>exception on TCP connection <0.1043.0> from <a href="http://127.0.0.1:33683">127.0.0.1:33683</a></div>
<div>{channel0_error,opening,</div><div> {error,function_clause,'connection.open',</div><div> [{rabbit_reader,'-i/2-fun-5-',</div><div> [{tlsv1,{rsa,'3des_ede_cbc',sha,no_export}}]},</div>
<div> {rabbit_reader,'-infos/2-lc$^0/1-0-',2},</div><div> {rabbit_reader,'-infos/2-lc$^0/1-0-',2},</div><div> {rabbit_reader,handle_method0,2},</div><div> {rabbit_reader,handle_method0,3},</div>
<div> {rabbit_reader,mainloop,2},</div><div> {rabbit_reader,start_connection,7},</div><div> {proc_lib,init_p_do_apply,3}]}}</div><div><br></div><div>=INFO REPORT==== 5-Feb-2011::11:29:05 ===</div><div>
closing TCP connection <0.1043.0> from <a href="http://127.0.0.1:33683">127.0.0.1:33683</a></div></div><div><br></div><div><br></div><div>My SSL configuration is as follows:</div><div><br></div><div><div>robin@robin-desktop:~$ cat /etc/rabbitmq/rabbitmq.config </div>
<div>[</div><div> {rabbit, [</div><div> {ssl_listeners, [{"0.0.0.0",5671}]},</div><div> {ssl_options, [{cacertfile,"/home/robin/rmq-ssl/testca/cacert.pem"},</div><div> {certfile,"/home/robin/rmq-ssl/server/cert.pem"},</div>
<div> {keyfile,"/home/robin/rmq-ssl/server/key.pem"},</div><div> {verify,verify_peer},</div><div> {fail_if_no_peer_cert,true}]}</div><div> ]}</div><div>
].</div></div><div><br></div><div><br></div><div>I'm using rabbitmq-server_2.3.1-1_all.deb on Ubuntu 10.10, 64 bit. When installing the server I'm using "dpkg -i <server deb file>" and to remove I'm using "dpkg --purge <server deb file>". I originally set up the SSL certificates by following the RabbitMQ documentation here: <a href="http://www.rabbitmq.com/ssl.html">http://www.rabbitmq.com/ssl.html</a></div>
<meta http-equiv="content-type" content="text/html; charset=utf-8"><div><br></div><div><br></div><div>Is there a problem with my RMQ SSL config, or has anything changed with RMQ/SSL in the 2.3.1 version?</div><div><br></div>
<div>Thanks,</div><div>--Robin</div>