[rabbitmq-discuss] Problem opening an SSL connection
Chris Duncan
celldee at gmail.com
Wed Sep 23 16:32:13 BST 2009
Hi,
I'm trying to test the native SSL support in the upcoming RabbitMQ
v1.7.0 using the Ruby v1.9.1 openssl library and Erlang R12B-5_1.
I've cloned the default branch of the server code (hg id gives me
b87b7ed85157) and can start the server successfully according to
rabbit.log -
=INFO REPORT==== 23-Sep-2009::09:21:25 ===
started TCP Listener on 0.0.0.0:5672
=INFO REPORT==== 23-Sep-2009::09:21:26 ===
started SSL Listener on 0.0.0.0:5671
I wanted to get the simplest case running which is to connect without
using any certificates. I decided to try to follow the instructions
in the wiki - https://dev.rabbitmq.com/wiki/SslSupport - and so
created a rabbit.conf file with similar contents to the example (only
the paths differ). It contains -
RABBITMQ_SERVER_START_ARGS="-rabbit ssl_listeners [{\"0.0.0.0\",
5671}] -rabbit ssl_options
[{cacertfile,\"/path/to/testca/cacert.pem\"},{certfile,\"/path/to/
server/cert.pem\"},
{keyfile,\"/path/to/server/key.pem\"},{verify,verify_peer},
{fail_if_no_peer_cert,false}]"
When I try to connect I get a 'Connection reset by peer' error and
these entries in rabbit.log -
=INFO REPORT==== 23-Sep-2009::09:22:24 ===
accepted TCP connection on 0.0.0.0:5671 from 127.0.0.1:51689
=ERROR REPORT==== 23-Sep-2009::09:22:24 ===
failed to upgrade TCP connection from 127.0.0.1:51689 to SSL:
{eoptions,{cacertfile,[]}}
I'm creating an ordinary TCP socket and then using
OpenSSL::SSL::SSLSocket.new to create the SSL socket like this -
@socket = OpenSSL::SSL::SSLSocket.new(@socket)
@socket.sync_close = true
@socket.connect
The connect call is the one that is failing. This code works when
connecting via stunnel.
Any help would be greatly appreciated.
Regards,
Chris
More information about the rabbitmq-discuss
mailing list