[rabbitmq-discuss] facing issues with the SSL implementations with RabbitMQ + Windows + .Net

Alexandru Scvorţov alexandru at rabbitmq.com
Tue Aug 9 11:24:26 BST 2011


Hi Abhijit,

> Thanks for the reply, i had tried with those escape sequences in the 
> config earlier but without any success. i haven't used that dot in the 
> config , but tried that now and also restarted the rabbitMQ server 
> before running my application. But the application failed. Am posting 
> all the broker log's content and full stack trace from the .Net Client.

Great.

> Am getting the error, the moment am writing the code Ssl.Enabled = true; 
> else the connection is working fine.

Unless you use Ssl.Enabled = true, the client will just use a normal
(non-SSL) connection.

> > =INFO REPORT==== 9-Aug-2011::11:39:05 ===
> > Limiting to approx 924 file handles (829 sockets)
> >
> > =INFO REPORT==== 9-Aug-2011::11:39:05 ===
> > Memory limit set to 804MB.
> >
> > =INFO REPORT==== 9-Aug-2011::11:39:05 ===
> > msg_store_transient: using rabbit_msg_store_ets_index to provide index
> >
> > =INFO REPORT==== 9-Aug-2011::11:39:05 ===
> > msg_store_persistent: using rabbit_msg_store_ets_index to provide index
> >
> > =INFO REPORT==== 9-Aug-2011::11:39:05 ===
> > started TCP Listener on [::]:5672
> >
> > =INFO REPORT==== 9-Aug-2011::11:39:05 ===
> > started TCP Listener on 0.0.0.0:5672

If that's the entire log, then the SSL listener isn't started.  The SSL
Listener is started by the {ssl_listeners, [{"0.0.0.0",5671}]} entry.
It will start even if the other ssl_options are wrong or missing (so the
paths don't matter for this, at least).  When started, the next lines in
the log should be:

 =INFO REPORT==== 9-Aug-2011::10:38:08 ===
 started SSL Listener on 0.0.0.0:5671

Thinking about it, since you didn't get an error earlier when you forgot
the dot, I suspect rabbit isn't using the configuration file you wrote.

If you're using the default configuration (i.e. if you downloaded the
installer and are using the service), the configuration file should be
C:\Users\Administrator\AppData\Roaming\RabbitMQ\rabbitmq.config.  Is
that what you're editing?

You can also run the C:\Program Files\RabbitMQ
Server\rabbitmq-server-2.5.1\sbin\rabbitmq-server.bat from a console to
get slightly more detailed output.

Cheers,
Alex

On Tue, Aug 09, 2011 at 12:20:48PM +0530, Abhijit wrote:
> Hi Sir,
> 
> Thanks for the reply, i had tried with those escape sequences in the 
> config earlier but without any success. i haven't used that dot in the 
> config , but tried that now and also restarted the rabbitMQ server 
> before running my application. But the application failed. Am posting 
> all the broker log's content and full stack trace from the .Net Client.
> 
> Am getting the error, the moment am writing the code Ssl.Enabled = true; 
> else the connection is working fine.
> 
> _Exception Details and Stack-trace :_
> 
> > Exception Message: None of the specified endpoints were reachable
> >
> > Source: RabbitMQ.Client
> >
> > Stacktrace: at 
> > RabbitMQ.Client.ConnectionFactory.CreateConnection(Int32 maxRedirects)
> >                    at RabbitMQ.Client.ConnectionFactory.CreateConnection()
> >                    at RabbitProducer.Program.Main(String[] args) in 
> > C:\Users\pc 1\Documents\Visual Studio 
> > 2008\Projects\RabbitProducer\RabbitProducer\Program.cs:line 36
> 
> Brokers Log :
> 
> >
> > =INFO REPORT==== 9-Aug-2011::11:39:05 ===
> > Limiting to approx 924 file handles (829 sockets)
> >
> > =INFO REPORT==== 9-Aug-2011::11:39:05 ===
> > Memory limit set to 804MB.
> >
> > =INFO REPORT==== 9-Aug-2011::11:39:05 ===
> > msg_store_transient: using rabbit_msg_store_ets_index to provide index
> >
> > =INFO REPORT==== 9-Aug-2011::11:39:05 ===
> > msg_store_persistent: using rabbit_msg_store_ets_index to provide index
> >
> > =INFO REPORT==== 9-Aug-2011::11:39:05 ===
> > started TCP Listener on [::]:5672
> >
> > =INFO REPORT==== 9-Aug-2011::11:39:05 ===
> > started TCP Listener on 0.0.0.0:5672
> 
> Thanks and Regards,
> Abhijit
> 
> 
> 
> 
> 
> 
> On 8/8/2011 8:31 PM, Alexandru Scvorţov wrote:
> > Hello Abhijit,
> >
> > Could you please also post the broker log and the full stacktrace from
> > the .NET client?
> >
> > In the meantime, I suspect your config is wrong.  It should probably be:
> > [
> >   {rabbit, [
> > 	   {ssl_listeners, [{"0.0.0.0",5671}]},
> > 	   {ssl_options,
> > 	   [{cacertfile,"C:\\testca\\cacert.cer"},
> > 	    {certfile,"C:\\server\\cert.pem"},
> > 	    {keyfile,"C:\\server\\key.pem"},
> > 	    {verify,verify_peer},
> > 	    {fail_if_no_peer_cert,false}]}
> > 	  ]}
> > ].
> >
> > (there should be a dot at the end of the file, ssl_listeners has the wrong
> > format, and the paths don't look properly escaped)
> >
> > You can check the broker's log file to see if SSL is working or not as
> > suggested here:
> >    http://stackoverflow.com/questions/6978843/ssl-support-for-rabbit-net-windows
> >
> > Cheers,
> > Alex
> >
> > On Mon, Aug 08, 2011 at 07:39:19PM +0530, Abhijit wrote:
> >    
> >> Hi,
> >>
> >> We had develop an application for the RabbitMQ both the publisher as
> >> well as subscriber using the fanout exchange, which is working fine. But
> >> now we want to implement the ssl with our publisher as well as
> >> subscriber to provide traffic encryption. But haven't been able to
> >> implement and getting it worked still, i have followed the steps as
> >> provided in this link : _http://www.rabbitmq.com/ssl.html_. I have
> >> created the certificates as instructed in this blog, also i have
> >> implemented the code for .net as provided. I have not been able to find
> >> out does my code refers to the rabbitmq.config file which i have created
> >> as per the rabbitmq blog and placed it in the appdata/rabbitMQ as for
> >> windows. But am not sure is this being referred,
> >> the config file:
> >>      
> >>> [
> >>>    {rabbit, [
> >>>       {ssl_listeners, [5671]},
> >>>       {ssl_options, [{cacertfile,"C:\testca/cacert.cer"},
> >>>                      {certfile,"C:\server/cert.pem"},
> >>>                      {keyfile,"C:\server/key.pem"},
> >>>                      {verify,verify_peer},
> >>>                      {fail_if_no_peer_cert,false}]}
> >>>     ]}
> >>> ]
> >>>        
> >> we are using the rabbitMQ Service with the latest version of 2.5.1,
> >> Erlang R14B02 and on .Net on Windows. Am i missing something or do we
> >> need something extra for running on .net and windows.
> >>
> >> Thanks and Regards,
> >> Abhijit
> >>
> >>      
> >    
> >> _______________________________________________
> >> rabbitmq-discuss mailing list
> >> rabbitmq-discuss at lists.rabbitmq.com
> >> https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss
> >>      
> >    
> 


More information about the rabbitmq-discuss mailing list