Reputation: 5852
Can't connect to RabbitMq-c using SSL support
I'm trying to run the SSL example "amqps_listenq" in rabbitmq-c library (ssl-plumbing branch) using the command line
$./amqps_listenq [ServerIP] 5671 hello ./cacert.pem ./key.pem ./cert.pem
i got the following error
opening SSL/TLS connection
when i try to debug the code it fails in the following block in main
status = amqp_socket_open(socket, hostname, port);
if (status) {
die("opening SSL/TLS connection");
}
when i debug into "amqp_socket_open" method i found that it fails in the following block in amqp_openssl.c
if (self->verify) {
int status = amqp_ssl_socket_verify(self, host);
if (status) {
return -1;
}
}
I traced the error inside amqp_ssl_socket_verify and found that i fails in the following block
#ifdef _MSC_VER
#define strcasecmp _stricmp
#endif
if (strcasecmp(host, (char *)utf8_value)) {
goto error; //<-- it fails here
}
#ifdef _MSC_VER
#undef strcasecmp
#endif
exit:
OPENSSL_free(utf8_value);
return status;
error:
status = -1;
goto exit;
status was equal to -1 any idea where is the problem??
Note that i can easily connect to RabbitMq with SSL on the same server using java even i didn't set certificates using the following code
ConnectionFactory factory = new ConnectionFactory();
factory.setHost("[ServerIP]");
factory.setPort(5671);
factory.useSslProtocol();
factory.setUsername("guest");
factory.setPassword("guest");
Connection connection = factory.newConnection();
Channel channel = connection.createChannel();
channel.queueDeclare("hello_ssl", false, false, false, null);
System.out.println(" [*] Waiting for messages. To exit press CTRL+C");
QueueingConsumer consumer = new QueueingConsumer(channel);
channel.basicConsume(QUEUE_NAME, true, consumer);
while (true){
QueueingConsumer.Delivery delivery = consumer.nextDelivery();
String message = new String(delivery.getBody());
System.out.println(" [" + i + "] Received '" + message + "'");
}
Upvotes: 0
Views: 2396
Answers (2)
Reputation: 41
The problem is the certificate, verify that the domain matches in the certificate details.
Upvotes: 0
Reputation: 41
I have been debugging librabbitmq and I see exactly the same behavior. The utf8_value variable contains "amqp" while the host variable contains the amqp server hostname.
I have a work around:
- if (strcasecmp(host, (char *)utf8_value)) {
- goto error;
+
+ if(strcasecmp((char *)utf8_value, "amqp")) {
+ if (strcasecmp(host, (char *)utf8_value) ) {
+ goto error;
+ }
}
I have forked and patched here: https://github.com/drainware/rabbitmq-c
Upvotes: 1
Related Questions
- Cannot established ssl connection with rabbitmq
- RabbitMQ Over SSL
- SSL configurations in Rabbitmq.conf file is not being applied to my rabbitmq-server
- connect to rabbitmq SSLError: [SSL: SSLV3_ALERT_HANDSHAKE_FAILURE] sslv3 alert handshake failure (_ssl.c:1108)
- RabbitMQ server on RHEL7 resets SSL connection
- RabbitMQ: handshake error when attempting to use SSL certificates
- RabbitMQ .NET Client Not Working with TLS v1.2
- Handshake timeout ERROR with ssl connection in RabbitMQ
- SSL enabling for rabbitmq mangement. Server starts, but fails to accept requests
- RabbitMQ SSL handshake failure on any connection attempt with certificate authentication