[rabbitmq-discuss] How to avoid handshake_timout while attempting a SSL connection to the RabbitMQ broker?

Michael Klishin mklishin at gopivotal.com
Mon Jun 30 20:23:22 BST 2014

On 30 June 2014 at 23:12:41, Rodrigo Pimenta Carvalho (pimenta at inatel.br) wrote:
> > When I attempt a SSL connection to broker, using the command  
> "openssl s_client -connect localhost:5671 -cert client/cert.pem  
> -key client/key.pem -CAfile testca/cacert.pem" , it presents  
> the message “Verify return code: 0 (ok)”. However, after an instant,  
> it closes and presents “Closed”.
> In the log I got:
> =INFO REPORT==== 30-Jun-2014(http://airmail.calendar/2014-06-30%2012:00:00%20GMT+4)::10:47:09  
> ===
> accepting AMQP connection <0.306.0> ( ->  
> =ERROR REPORT==== 30-Jun-2014(http://airmail.calendar/2014-06-30%2012:00:00%20GMT+4)::10:47:19  
> ===
> closing AMQP connection <0.306.0> ( ->  
> {handshake_timeout,handshake}
> What should I configure in RabbitMQ to avoid such kind of timeout  
> issue?

Right, so I misunderstood what happens. When you connect with openssl s_client,
RabbitMQ expects the client to perform AMQP 0-9-1 handshake and openssl s_client,
of course, doesn't do that.

So this error is expected with s_client. Use a real RabbitMQ client, which will
perform the handshake. 

Staff Software Engineer, Pivotal/RabbitMQ

More information about the rabbitmq-discuss mailing list