I have the same issue from this question: RabbitMQ Connection reset. My code is in kotlin and from https://www.rabbitmq.com/ssl.html#java-client-connecting.
JavaScript
x
val connectionFactory = ConnectionFactory() connectionFactory.host = "localhost" connectionFactory.port = 5671 connectionFactory.useSslProtocol() val connection = connectionFactory.newConnection() val channel = connection.createChannel(); channel.queueDeclare("rabbitmq-java-test", false, true, true, null); channel.basicPublish("", "rabbitmq-java-test", null, "Hello, World!".toByteArray()) val response = channel.basicGet("rabbitmq-java-test", false) if (response == null) { println("No message retrieved") } else { val body = response.body println(String(body)) } channel.close() connection.close()I have RabbitMQ configured this way:
JavaScript
[ {rabbit, [ {loopback_users, []}, {ssl_listeners, [5671]}, {ssl_options, [{cacertfile, "pathtorabbitCA.pem"}, {certfile, "pathtolocalhost-crt.pem"}, {keyfile, "pathtolocalhost-key.pem"}, {verify, verify_peer}, {fail_if_no_peer_cert, false}]}, {log, [{file, [{level, debug}]} ] }].I tested this: https://www.rabbitmq.com/troubleshooting-ssl.html#sclient-connection and getting result in cmd:
JavaScript
OpenSSL> s_client -connect localhost:5671 -cert client-certificate.pem -key client-key.pem -CAfile rabbitCA.crtCONNECTED(00000198)write:errno=10054---no peer certificate available---No client certificate CA names sent---SSL handshake has read 0 bytes and written 293 bytesVerification: OK---New, (NONE), Cipher is (NONE)Secure Renegotiation IS NOT supportedCompression: NONEExpansion: NONENo ALPN negotiatedEarly data was not sentVerify return code: 0 (ok)---error in s_clientRabbitMQ log (1 attempt to connect):
JavaScript
2020-05-21 21:12:38.821 [debug] <0.2147.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:12:38.852 [debug] <0.2148.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:12:44.120 [debug] <0.2155.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:12:44.137 [debug] <0.2156.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:12:48.827 [debug] <0.2162.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:12:48.846 [debug] <0.2163.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:12:54.124 [debug] <0.2171.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:12:54.150 [debug] <0.2172.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:12:58.820 [debug] <0.2178.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:12:58.835 [debug] <0.2179.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:13:04.121 [debug] <0.2186.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:13:04.143 [debug] <0.2188.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:13:08.817 [debug] <0.2194.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:13:08.835 [debug] <0.2195.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:13:10.325 [debug] <0.2199.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:13:10.354 [debug] <0.2200.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:13:14.120 [debug] <0.2217.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:13:14.141 [debug] <0.2218.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:13:18.817 [debug] <0.2225.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal2020-05-21 21:13:18.832 [debug] <0.2226.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internalAnd exception, it’s coming from line with “val connection = connectionFactory.newConnection()”
JavaScript
2020-05-21 21:13:10,669 [Test worker] WARN com.rabbitmq.client.TrustEverythingTrustManager - This trust manager trusts every certificate, effectively disabling peer verification. This is convenient for local development but prone to man-in-the-middle attacks. Please see http://www.rabbitmq.com/ssl.html#validating-cerficates to learn more about peer certificate validation.Connection resetjava.net.SocketException: Connection reset at java.net.SocketInputStream.read(SocketInputStream.java:210) at java.net.SocketInputStream.read(SocketInputStream.java:141) at sun.security.ssl.InputRecord.readFully(InputRecord.java:465) at sun.security.ssl.InputRecord.read(InputRecord.java:503) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:983) at sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1779) at sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:124) at sun.security.ssl.Handshaker.kickstart(Handshaker.java:1093) at sun.security.ssl.SSLSocketImpl.kickstartHandshake(SSLSocketImpl.java:1497) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1361) at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:757) at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123) at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82) at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140) at java.io.DataOutputStream.flush(DataOutputStream.java:123) at com.rabbitmq.client.impl.SocketFrameHandler.sendHeader(SocketFrameHandler.java:147) at com.rabbitmq.client.impl.SocketFrameHandler.sendHeader(SocketFrameHandler.java:153) at com.rabbitmq.client.impl.AMQConnection.start(AMQConnection.java:303) at com.rabbitmq.client.impl.recovery.RecoveryAwareAMQConnectionFactory.newConnection(RecoveryAwareAMQConnectionFactory.java:64) at com.rabbitmq.client.impl.recovery.AutorecoveringConnection.init(AutorecoveringConnection.java:134) at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:997) at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:956) at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:914) at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:1068)When I try to check TLS support in Erlang https://www.rabbitmq.com/troubleshooting-ssl.html#verify-tls-support-in-erlang I’m getting this in log:
JavaScript
2020-05-21 21:52:03.031 [error] <0.1530.0> ** Connection attempt from disallowed node 'rabbitmqcli-23412-rabbit@DESKTOP-UI450MM' ** 2020-05-21 21:52:03.065 [error] <0.1533.0> ** Connection attempt from disallowed node 'rabbitmqcli-23412-rabbit@DESKTOP-UI450MM' ** I also tried to configure SSLContext for connectionFactory.useSslProtocol(SSLContext sslContext) method, but output is the same except string about trust manager, just exception.
I can’t understand where’s a problem
Advertisement
Answer
Ok, so the answer is quite simple: you need to add a backslash for your path if you using Windows. Path will be {cacertfile, “\path\to\rootCA.pem”}.