Skip to content
Advertisement

RabbitMQ Connection reset Exception

I have the same issue from this question: RabbitMQ Connection reset. My code is in kotlin and from https://www.rabbitmq.com/ssl.html#java-client-connecting.

        val connectionFactory = ConnectionFactory()
        connectionFactory.host = "localhost"
        connectionFactory.port = 5671
        connectionFactory.useSslProtocol()

        val connection = connectionFactory.newConnection()
        val channel = connection.createChannel();

        channel.queueDeclare("rabbitmq-java-test", false, true, true, null);
        channel.basicPublish("", "rabbitmq-java-test", null, "Hello, World!".toByteArray())

        val response = channel.basicGet("rabbitmq-java-test", false)
        if (response == null) {
            println("No message retrieved")
        } else {
            val body = response.body
            println(String(body))
        }

        channel.close()
        connection.close()

I have RabbitMQ configured this way: 

[
    {rabbit, [
        {loopback_users, []},
        {ssl_listeners, [5671]},
        {ssl_options, [{cacertfile, "pathtorabbitCA.pem"},
                       {certfile, "pathtolocalhost-crt.pem"},
                       {keyfile, "pathtolocalhost-key.pem"},
                       {verify, verify_peer},
                       {fail_if_no_peer_cert, false}]},
        {log, [{file, [{level, debug}]}
      ]
    }
].

I tested this: https://www.rabbitmq.com/troubleshooting-ssl.html#sclient-connection and getting result in cmd:

OpenSSL> s_client -connect localhost:5671 -cert client-certificate.pem -key client-key.pem -CAfile rabbitCA.crt
CONNECTED(00000198)
write:errno=10054
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 293 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
error in s_client

RabbitMQ log (1 attempt to connect): 

2020-05-21 21:12:38.821 [debug] <0.2147.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:12:38.852 [debug] <0.2148.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:12:44.120 [debug] <0.2155.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:12:44.137 [debug] <0.2156.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:12:48.827 [debug] <0.2162.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:12:48.846 [debug] <0.2163.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:12:54.124 [debug] <0.2171.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:12:54.150 [debug] <0.2172.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:12:58.820 [debug] <0.2178.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:12:58.835 [debug] <0.2179.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:13:04.121 [debug] <0.2186.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:13:04.143 [debug] <0.2188.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:13:08.817 [debug] <0.2194.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:13:08.835 [debug] <0.2195.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:13:10.325 [debug] <0.2199.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:13:10.354 [debug] <0.2200.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:13:14.120 [debug] <0.2217.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:13:14.141 [debug] <0.2218.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:13:18.817 [debug] <0.2225.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal
2020-05-21 21:13:18.832 [debug] <0.2226.0> User 'guest' authenticated successfully by backend rabbit_auth_backend_internal

And exception, it’s coming from line with “val connection = connectionFactory.newConnection()”

2020-05-21 21:13:10,669 [Test worker] WARN  com.rabbitmq.client.TrustEverythingTrustManager - This trust manager trusts every certificate, effectively disabling peer verification. This is convenient for local development but prone to man-in-the-middle attacks. Please see http://www.rabbitmq.com/ssl.html#validating-cerficates to learn more about peer certificate validation.

Connection reset
java.net.SocketException: Connection reset
    at java.net.SocketInputStream.read(SocketInputStream.java:210)
    at java.net.SocketInputStream.read(SocketInputStream.java:141)
    at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
    at sun.security.ssl.InputRecord.read(InputRecord.java:503)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:983)
    at sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1779)
    at sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:124)
    at sun.security.ssl.Handshaker.kickstart(Handshaker.java:1093)
    at sun.security.ssl.SSLSocketImpl.kickstartHandshake(SSLSocketImpl.java:1497)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1361)
    at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:757)
    at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
    at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
    at java.io.DataOutputStream.flush(DataOutputStream.java:123)
    at com.rabbitmq.client.impl.SocketFrameHandler.sendHeader(SocketFrameHandler.java:147)
    at com.rabbitmq.client.impl.SocketFrameHandler.sendHeader(SocketFrameHandler.java:153)
    at com.rabbitmq.client.impl.AMQConnection.start(AMQConnection.java:303)
    at com.rabbitmq.client.impl.recovery.RecoveryAwareAMQConnectionFactory.newConnection(RecoveryAwareAMQConnectionFactory.java:64)
    at com.rabbitmq.client.impl.recovery.AutorecoveringConnection.init(AutorecoveringConnection.java:134)
    at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:997)
    at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:956)
    at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:914)
    at com.rabbitmq.client.ConnectionFactory.newConnection(ConnectionFactory.java:1068)

When I try to check TLS support in Erlang https://www.rabbitmq.com/troubleshooting-ssl.html#verify-tls-support-in-erlang I’m getting this in log:

2020-05-21 21:52:03.031 [error] <0.1530.0> ** Connection attempt from disallowed node 'rabbitmqcli-23412-rabbit@DESKTOP-UI450MM' ** 
2020-05-21 21:52:03.065 [error] <0.1533.0> ** Connection attempt from disallowed node 'rabbitmqcli-23412-rabbit@DESKTOP-UI450MM' **

I also tried to configure SSLContext for connectionFactory.useSslProtocol(SSLContext sslContext) method, but output is the same except string about trust manager, just exception. I can’t understand where’s a problem

Advertisement

Answer

Ok, so the answer is quite simple: you need to add a backslash for your path if you using Windows. Path will be {cacertfile, “\path\to\rootCA.pem”}.

User contributions licensed under: CC BY-SA
7 People found this is helpful
Advertisement