[rabbitmq-discuss] {SSL upgrade error, timeout}
Dharshan Rangegowda
dharshanr at scalegrid.net
Mon Oct 22 21:48:36 BST 2012
Hi Emile,
I ran through the troubleshooting wizard and the openssl connection test
passes - so that makes me think it is not a network issue. However my java
client still fails with the "Remote host closed connection during
handshake" error. I have included the results of the connection test below.
Any other thoughts on how I can debug this?
C:\temp>openssl s_client -connect 199.71.180.59:5671 -CAfile ssltest.pem
CONNECTED(00000003)
depth=1 /CN=ScaleGridCA
verify return:1
depth=0 /CN=i-19-483-VM/O=server
verify return:1
---
Certificate chain
0 s:/CN=i-19-483-VM/O=server
i:/CN=ScaleGridCA
1 s:/CN=ScaleGridCA
i:/CN=ScaleGridCA
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIC5zCCAc+gAwIBAgIBNDANBgkqhkiG9w0BAQUFADAWMRQwEgYDVQQDEwtTY2Fs
ZUdyaWRDQTAeFw0xMjEwMjIxNjIxNTJaFw0xMzEwMjIxNjIxNTJaMCcxFDASBgNV
BAMTC2ktMTktNDgzLVZNMQ8wDQYDVQQKEwZzZXJ2ZXIwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDX7e0Jql/WTD7OUDTIQmg+igwhiVO+17QBuDkgSsQ/
9nRJSCZzEKC9guH7V+Veq8UG9G2brqwF10jzuZSOq3CGaBWH+F5KE/U+q2yuR3kt
sOLz6wgMgYnobI1SWjvlkbwYKhgnv689m58Ub5lTISB3aKwT4C0ilnWBbF0v61mq
TFtjwDRAbCPXl9HwbBFoeLpTsiRu76VXWkA6pv9Ndl4hhcg2YLGwWAOdZO2/NUCB
QjqrHOir9ekjmpjWMQmWakN61/ckFuuFtGLOqrcujbRuVpAFFWGd53/quCZ+WKNw
81ZdafFnUSI8ioK2sHGQFxsQKNkpaRuE2/YbrLam+4HPAgMBAAGjLzAtMAkGA1Ud
EwQCMAAwCwYDVR0PBAQDAgUgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMA0GCSqGSIb3
DQEBBQUAA4IBAQBqBdvs5eHfVbh8jtp3KF/Q/UG/RtMBrkBnlFWLdBKbhYbWCC1K
5VncFIpQQ2K44G+RWaqMpPgwj4AZso83/JXn11b52ZxGdR8iogrAX4vWw41CNKfr
VX0jj4/TPlwFvdS9Jzd3w/NAvLgQ1JXZdBaWxAagfXl8++5nVdC94sj4GNkrCwyN
r4zBiA6BOsmznVLBLjpoj3WLlrJDGZCTv+PSHDplZtuquDyl37PLOG6F2WUFAxaL
vhj7zKVTGIj7ESXuNYKnTSyLEkxvrlWdKooJKmH+v5xxEM6H2PqFcS/LGwIaUuxc
26AKWBnVcK+Pd86765KirNUwf7Fm2ChKwj9M
-----END CERTIFICATE-----
subject=/CN=i-19-483-VM/O=server
issuer=/CN=ScaleGridCA
---
No client certificate CA names sent
---
SSL handshake has read 1632 bytes and written 444 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 2048 bit
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : AES256-SHA
Session-ID:
A0F1A911ED174A49B8AACDD54C3F21C1FD332949D892EEDABF84479DC21BB22D
Session-ID-ctx:
Master-Key:
8FCF38B3652F0A2E6BA8EEBACF2F7387C84416DDCC365A4FF8A4A4FA4B06343DEE463499007DDD03E1155A4A4D8317EE
Key-Arg : None
Start Time: 1350938613
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
12345678
AMQP ☺closed
On Mon, Oct 22, 2012 at 2:24 AM, Emile Joubert <emile at rabbitmq.com> wrote:
> Hi,
>
> On 21/10/12 21:23, dharshanr wrote:
> > =ERROR REPORT==== 21-Oct-2012::09:12:49 ===
> > error on AMQP connection <0.7614.0>: {ssl_upgrade_error,timeout}
>
> Are you sure the problem is not network-related?
>
> > The certs are self signed certs and not trusted. Any thoughts on how I
> > can debug this error?
>
> It is strange that a working setup stops working suddenly. The tips in
> the SSL troubleshooting guide might provide more debugging information:
>
> http://www.rabbitmq.com/troubleshooting-ssl.html
>
>
> -Emile
>
>
--
regards,
Dharshan.
www.scalegrid.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20121022/75aee49f/attachment.htm>
More information about the rabbitmq-discuss
mailing list