<div dir="ltr">The config I posted was from when I was testing some things and is not correct.  The ssl port should be 15675.<br><br>On Wednesday, April 30, 2014 5:04:56 PM UTC-5, br...@debtpaypro.com wrote:<blockquote class="gmail_quote" style="margin: 0;margin-left: 0.8ex;border-left: 1px #ccc solid;padding-left: 1ex;"><div dir="ltr">I'm having a similar, or possibly the same, problem.  My config is basically the same as yours.  I'm running version 3.3.1.  When starting up, a message is logged that says "rabbit_web_stomp: listening for HTTPS connections on <a href="http://0.0.0.0:15675" target="_blank" onmousedown="this.href='http://www.google.com/url?q\75http%3A%2F%2F0.0.0.0%3A15675\46sa\75D\46sntz\0751\46usg\75AFQjCNFBkuI1TKZ10XNPMsDh-7yX0MwG8w';return true;" onclick="this.href='http://www.google.com/url?q\75http%3A%2F%2F0.0.0.0%3A15675\46sa\75D\46sntz\0751\46usg\75AFQjCNFBkuI1TKZ10XNPMsDh-7yX0MwG8w';return true;">0.0.0.0:15675</a>", but netstat shows that nothing is listening on port 15675 and connections to my server on port 15675 fail.  There aren't any other interesting log messages in any of the rabbit log files.  I have tried changing the port several time but the same message is logged and nothing listens on the new port.  I know the certificates are good since we're using the on our live sites.  If I change the config to point to files that do not exist for the certificates, the same thing happens.<br><br>rabbitmq.config:<br><br>[<br>  {rabbit, [<br>    {auth_backends, [rabbit_auth_backend_internal]<wbr>},<br>    {log_levels, [<br>      {connection, info},<br>      {mirroring, info}<br>    ]},<br>    {heartbeat, 10},<br>    {collect_statistics_interval, 1000},<br>    {delegate_count, 32},<br>    {cluster_partition_handling, pause_minority}<br>  ]},<br>  {rabbitmq_management, [<br>    {sample_retention_policies, [<br>      {global, [{3600, 5}, {86400, 60}, {604800, 600}]},<br>      {basic, [{60, 5}, {3600, 60}]},<br>      {detailed, [{30, 1}]}<br>    ]},<br>    {http_log_dir, "/tmp/rabbit-mgmt"}<br>  ]},<br>  {kernel, [<br>    {net_ticktime, 5}<br>  ]},<br>  {rabbitmq_web_stomp, [<br>    {ssl_config, [<br>      {port,       15674},<br>      {backlog,    1024},<br>      {certfile,   "/etc/pki/tls/certs/dpp.crt"},<br>      {keyfile,    "/etc/pki/tls/private/dpp.key"<wbr>}<br>    ]}<br>  ]}<br>].<br><br><br>status:<br><br> {running_applications,<br>     [{rabbitmq_web_stomp,"Rabbit WEB-STOMP - WebSockets to Stomp adapter",<br>          "3.3.1"},<br>      {ssl,"Erlang/OTP SSL application","4.1.6"},<br>      {public_key,"Public key infrastructure","0.13"},<br>      {crypto,"CRYPTO version 2","2.0.4"},<br>      {rabbitmq_stomp,"Embedded Rabbit Stomp Adapter","3.3.1"},<br>      {rabbitmq_management_<wbr>visualiser,"RabbitMQ Visualiser","3.3.1"},<br>      {rabbitmq_management,"RabbitMQ Management Console","3.3.1"},<br>      {rabbitmq_management_agent,"<wbr>RabbitMQ Management Agent","3.3.1"},<br>      {rabbitmq_amqp1_0,"AMQP 1.0 support for RabbitMQ","3.3.1"},<br>      {rabbit,"RabbitMQ","3.3.1"},<br>      {os_mon,"CPO  CXC 138 46","2.2.7"},<br>      {rabbitmq_web_dispatch,"<wbr>RabbitMQ Web Dispatcher","3.3.1"},<br>      {webmachine,"webmachine","1.<wbr>10.3-rmq3.3.1-gite9359c7"},<br>      {mochiweb,"MochiMedia Web Server","2.7.0-rmq3.3.1-<wbr>git680dba8"},<br>      {xmerl,"XML parser","1.2.10"},<br>      {cowboy,"Small, fast, modular HTTP server.","0.5.0-rmq3.3.1-<wbr>git4b93c2d"},<br>      {sockjs,"SockJS","0.3.4-rmq3.<wbr>3.1-git3132eb9"},<br>      {inets,"INETS  CXC 138 49","5.7.1"},<br>      {mnesia,"MNESIA  CXC 138 12","4.5"},<br>      {amqp_client,"RabbitMQ AMQP Client","3.3.1"},<br>      {sasl,"SASL  CXC 138 11","2.1.10"},<br>      {stdlib,"ERTS  CXC 138 10","1.17.5"},<br>      {kernel,"ERTS  CXC 138 10","2.14.5"}]},<br> {os,{unix,linux}},<br> {erlang_version, <br>     "Erlang R14B04 (erts-5.8.5) [source] [64-bit] [smp:24:24] [rq:24] [async-threads:30] [kernel-poll:true]\n"},<br><br><br>On Friday, April 25, 2014 4:34:22 PM UTC-5, Sebastien Dubois wrote:<blockquote class="gmail_quote" style="margin:0;margin-left:0.8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><font face="arial, sans-serif" size="2"><br></font><div><font face="arial, sans-serif" size="2">Hi all,</font></div><div><font face="arial, sans-serif" size="2"><br></font></div><div><font face="arial, sans-serif" size="2">  Up to recently we've been using RabbitMQ 3.2.3/Erlang R15B01 with the web_Stomp plugin over SSL.  Since this was not supported, we had to rebuilt the web_stomp plugin using a patched branch as described at <a href="https://gist.github.com/berico-rclayton/5475365" target="_blank" onmousedown="this.href='https://www.google.com/url?q\75https%3A%2F%2Fgist.github.com%2Fberico-rclayton%2F5475365\46sa\75D\46sntz\0751\46usg\75AFQjCNGnKsNVT2kqlQdJ6Uw6so82l_Zy9A';return true;" onclick="this.href='https://www.google.com/url?q\75https%3A%2F%2Fgist.github.com%2Fberico-rclayton%2F5475365\46sa\75D\46sntz\0751\46usg\75AFQjCNGnKsNVT2kqlQdJ6Uw6so82l_Zy9A';return true;">https://gist.github.com/<wbr>berico-rclayton/5475365</a> (also see <a href="https://github.com/rabbitmq/rabbitmq-web-stomp/pull/3" target="_blank" onmousedown="this.href='https://www.google.com/url?q\75https%3A%2F%2Fgithub.com%2Frabbitmq%2Frabbitmq-web-stomp%2Fpull%2F3\46sa\75D\46sntz\0751\46usg\75AFQjCNFFDmbbZR1Rfna42TLFOnu5uUJh5Q';return true;" onclick="this.href='https://www.google.com/url?q\75https%3A%2F%2Fgithub.com%2Frabbitmq%2Frabbitmq-web-stomp%2Fpull%2F3\46sa\75D\46sntz\0751\46usg\75AFQjCNFFDmbbZR1Rfna42TLFOnu5uUJh5Q';return true;">https://github.com/<wbr>rabbitmq/rabbitmq-web-stomp/<wbr>pull/3</a>).  This has been working fine for months.</font></div><div><font face="arial, sans-serif" size="2"><br></font></div><div><font face="arial, sans-serif" size="2">  We recently realized that the fix for SSL support in web_stomp was systemized in RabbitMQ 3.3.0/Erlang R16B03.  So we installed it and updated our configuration.  However, using the exact same setup and self-signed keys/certificates, we cannot get the new version to work properly while using SSL over stomp.  Connecting to https://<rabbit server IP>:15678/stomp just fails, although from the log web_stomp seems to be listening correctly on port 15678.  We tried to regenerate a new set of keys, but it did not do anything.</font></div><div><font face="arial, sans-serif" size="2"><br></font></div><div><font face="arial, sans-serif" size="2">Our old rabbitMQ config (patched 3.2.3 web_stomp) was:</font></div><div><font face="arial, sans-serif" size="2"><br></font></div><div><p class="MsoNormal"><font face="arial, sans-serif" size="2">  {rabbitmq_web_stomp, [</font></p>

<p class="MsoNormal"><font face="arial, sans-serif" size="2">       
{ssl_enabled, true},</font></p>

<p class="MsoNormal"><font face="arial, sans-serif" size="2">       
{https_port, 15678},</font></p>

<p class="MsoNormal"><font face="arial, sans-serif" size="2">       
{ssl_key_file, "/usr/local/ssl/private/<wbr>server.key"},</font></p>

<p class="MsoNormal"><font face="arial, sans-serif" size="2">       
{ssl_key_password, "password"},</font></p>

<p class="MsoNormal"><font face="arial, sans-serif" size="2">       
{ssl_ca_certificate_file, "/usr/local/ssl/crt/public.<wbr>crt"},</font></p>

<p class="MsoNormal"><font face="arial, sans-serif" size="2">       
{ssl_certificate_file, "/usr/local/ssl/crt/public.<wbr>crt"}</font></p>

<p class="MsoNormal"><font face="arial, sans-serif" size="2">   ] },</font></p><p class="MsoNormal"><font face="arial, sans-serif" size="2"><br></font></p><p class="MsoNormal"><font face="arial, sans-serif" size="2">And the corresponding new config on RabbitMQ 3.3.0 is</font></p><p class="MsoNormal"><font face="arial, sans-serif" size="2">  {rabbitmq_web_stomp,</font></p><p class="MsoNormal"><font face="arial, sans-serif" size="2">      [{ssl_config,
[{port,       15678},</font></p><p class="MsoNormal"><font face="arial, sans-serif" size="2">                    
{backlog,    1024},</font></p><p class="MsoNormal"><font face="arial, sans-serif" size="2">                    
{certfile,   "/usr/local/ssl/crt/public.<wbr>crt"},</font></p><p class="MsoNormal"><font face="arial, sans-serif" size="2">                    
{keyfile,    "/usr/local/ssl/private/<wbr>server.key"},</font></p><p class="MsoNormal"><font face="arial, sans-serif" size="2">                    
{cacertfile, "/usr/local/ssl/crt/public.<wbr>crt"},</font></p><p class="MsoNormal"><span style="color:rgb(51,51,51);white-space:pre;background-color:rgb(238,238,238)"><font face="arial, sans-serif" size="2">                     {password,   "password"}</font></span><font face="arial, sans-serif" size="2"><br></font></p><p class="MsoNormal"><font face="arial, sans-serif" size="2">      ]}</font></p><p class="MsoNormal">













</p><p class="MsoNormal"><font face="arial, sans-serif" size="2">  ]},</font></p><p class="MsoNormal"><font face="arial, sans-serif" size="2">Is our config ok?  does anybody experienced similar problems or have any idea what we could be doing wrong?</font></p><p class="MsoNormal"><font face="arial, sans-serif" size="2"><br></font></p><p class="MsoNormal"><font face="arial, sans-serif" size="2">Thanks in advance,</font></p><p class="MsoNormal"><font face="arial, sans-serif" size="2">/Sebas</font></p></div></div></blockquote></div></blockquote></div>