[rabbitmq-discuss] Issues with RabbitMQ, SSL and .NET
Yoda Meng
yodameng at gmail.com
Fri Mar 14 13:08:00 GMT 2014
Hi Alex.
I follow and read through the thread carefully because I ran into almost
exactly the same problem when trying to use SSL to authenticate my .NET
client. Both broker and client sit on the same machine. The only advertised
working example
in http://blog.johnruiz.com/2011/12/establishing-ssl-connection-to-rabbitmq.html
does not work for me for some reason.
So I follow all the suggested route and start up s_server and ran my .net
client to it as suggested. this is what I got:
openssl s_server -accept 5671 -cert SSLserver/cert.pem -key
SSLserver/key.pem \
> -CAfile SSLCA/cacert.pem
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT
-----BEGIN SSL SESSION PARAMETERS-----
MHUCAQECAgMABAIABQQg2uALybqAbk6tXfkSN/Pypg4kqeosku2CdlyFiQj9gGcE
MI0tXD4TyV/YWyqUB8gTnOc/Scx3hLJYG1dxGbDalzDg/Vz9BOSGBqfkvCYAERLq
CKEGAgRTIvxuogQCAgEspAYEBAEAAAA=
-----END SSL SESSION PARAMETERS-----
Shared ciphers:RC4-SHA:DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:RC4-MD5
CIPHER is RC4-SHA
Secure Renegotiation IS supported
AMQP ERROR
shutting down SSL
CONNECTION CLOSED
ACCEPT
and the .NET errors displays:
None of the specified endpoints were reachable
Endpoints attempted:
------------------------------------------------
endpoint=amqp-0-9://MM181938-PC:5671, attempts=1
RabbitMQ.Client.Exceptions.ProtocolVersionMismatchException: AMQP server
protoc
l negotiation failure: server version unknown-unknown, client version 0-9
at RabbitMQ.Client.Impl.ConnectionBase.StartAndTune()
at RabbitMQ.Client.Framing.Impl.v0_9_1.Connection.Open(Boolean insist)
at RabbitMQ.Client.Impl.ConnectionBase..ctor(ConnectionFactory factory,
Bool
an insist, IFrameHandler frameHandler)
at
RabbitMQ.Client.Framing.Impl.v0_9_1.Connection..ctor(ConnectionFactory fa
tory, Boolean insist, IFrameHandler frameHandler)
at
RabbitMQ.Client.Framing.Impl.v0_9_1.ProtocolBase.CreateConnection(Connect
onFactory factory, Boolean insist, IFrameHandler frameHandler)
at RabbitMQ.Client.ConnectionFactory.FollowRedirectChain(Int32
maxRedirects,
IDictionary`2 connectionAttempts, IDictionary`2 connectionErrors,
AmqpTcpEndpoi
t[]& mostRecentKnownHosts, AmqpTcpEndpoint endpoint)
================================================
Stack trace:
at RabbitMQ.Client.ConnectionFactory.CreateConnection(Int32 maxRedirects)
at RabbitMQ.Client.ConnectionFactory.CreateConnection()
at RabbitSslTest.Program.Start() in c:\Users\meng\Documents\Visual
Studio 20
2\Projects\testCert\testCert\Program.cs:line 59
please help.
Yours,
yoda
On Monday, 12 September 2011 12:22:33 UTC-4, Alexandru Scvorţov wrote:
>
> > As I said before we tried CN=server-PC for our certs
> > and added "server-PC 10.35.110.167" to hosts file on our windows machine.
>
> Ok.
>
> > And when we check we still get "bad gethostbyaddr" from openssl s_server
> > also .net client crashes,
> > and problem continues...
>
> Turns out that's because the client's IP isn't in the server's hosts
> file. Should be harmless and works fine without that.
>
> The output from s_client is perfectly fine and shows that the .NET can
> connect to the server machine via SSL.
>
> Is there any chance you could try running your .NET program from a
> different
> machine? In particular, could you run under Mono on the same machine as
> the broker?
>
> Please reply to this message and don't start a new thread.
>
> Cheers,
> Alex
>
> On Mon, Sep 12, 2011 at 05:25:47PM +0200, Umut Sahin wrote:
> > As I said before we tried CN=server-PC for our certs
> > and added "server-PC 10.35.110.167" to hosts file on our windows machine.
> >
> > And when we check we still get "bad gethostbyaddr" from openssl s_server
> > also .net client crashes,
> > and problem continues...
> >
> > Regards,
> > Umut
> >
> >
> > _______________________________________________
> > rabbitmq-discuss mailing list
> > rabbitmq... at lists.rabbitmq.com <javascript:>
> > https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss
> _______________________________________________
> rabbitmq-discuss mailing list
> rabbitmq... at lists.rabbitmq.com <javascript:>
> https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20140314/99f8278e/attachment.html>
More information about the rabbitmq-discuss
mailing list