<div dir="ltr"><div><div><div>Hi Emile,<br><br></div>Apologies I am using R16B01 I also
tested R16B and had the same result but with ssl_connection.erl instead
of tls_connection.erl I've been testing a few configurations over the
weekend on this.<br>
<br></div>I'm actually getting that error with the test certificates I made following the SSL example on the RabbitMQ SSL page. Again just with the mosquitto_sub client and not openssl s_client<br><br>Running through the troubleshooting steps show's that erlang does indeed support tlsv1 and that openssl has validated my handshake by creating a local server and client.<br>
<br></div><div>Very strange issue, I think it sways more to the mosquitto_sub client now though...<br></div><div><br></div>
Cheers,<br>Dan</div><div class="gmail_extra"><br><br><div class="gmail_quote">On 28 October 2013 15:31, Emile Joubert <span dir="ltr"><<a href="mailto:emile@rabbitmq.com" target="_blank">emile@rabbitmq.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br>
Hi David,<br>
<br>
On 28/10/13 12:59, Daniel Mitchell wrote:<br>
<br>
> RabbitMQ = 3.2.0<br>
> OpenSSL = 1.0.1<br>
> Erlang = R16B<br>
<br>
><br>
> =ERROR REPORT==== 28-Oct-2013::12:52:02 ===<br>
> SSL: certify: tls_connection.erl:2286:Fatal error: certificate unknown<br>
<br>
tls_connection.erl appeared in R16B01. I'm not sure how you could have<br>
got that error using R16B. If you are using a patched Erlang VM then<br>
that might be part of the problem.<br>
<br>
The "certificate unknown" error is very generic, according to the<br>
OpenSSL documentation: "Some other (unspecified) issue arose in<br>
processing the certificate, rendering it unacceptable."<br>
<br>
I would suggest using the techniques described in<br>
<a href="https://www.rabbitmq.com/troubleshooting-ssl.html" target="_blank">https://www.rabbitmq.com/troubleshooting-ssl.html</a><br>
to acquire more diagnostic information.<br>
Do you get the same error with a certificate that you generate yourself?<br>
<span class="HOEnZb"><font color="#888888"><br>
<br>
<br>
<br>
-Emile<br>
<br>
<br>
<br>
<br>
<br>
</font></span></blockquote></div><br></div>