1

I have followed the steps mentioned by this link https://www.rabbitmq.com/ssl.html , since i am using web_stomp i have modified the URL of webstomp to wss://my_url:my_web_stomp_port/ws and i have my rabbitmq.config as

[
  {rabbit, [
    { loopback_users, [ ] },
  { tcp_listeners, [ 5672 ] },
    { hipe_compile, false },
    {ssl_listeners, [5671]},
    {ssl_options, [{cacertfile,"/path/to/crt/cacert.pem"},
                    {certfile,"/path/to/crt/cert.pem"},
                    {keyfile,"/path/to/crt/key.pem"},
                    {verify,verify_peer},
                    {fail_if_no_peer_cert,false}]}
  ]},
  {rabbitmq_web_stomp,
      [{ssl_config, [{port,       15671},
                    {backlog,    1024},
                    {certfile,   "/path/to/crt/cert.pem"},
                    {keyfile,    "/path/to/crt/key.pem"},
                    {cacertfile, "/path/to/crt/cacert.pem"},

].

to verify my ssl connection is used openssl s_client -connect localhost:15671 -debug -msg but the output is just CONNECTED(00000003) is waiting for a handshake probably for a very long time i also get failed: WebSocket opening handshake timed out in the console

my logs show

=INFO REPORT==== date:time ===
rabbit_web_stomp: listening for HTTPS connections on 0.0.0.0:15671

My rabbitMQ version is 3.6.2 and Erlang version is 19.1

i suspected there is a problem with the TLS version or something else

can anyone give me a hand to solve this problem ?

womble
  • 96,255
  • 29
  • 175
  • 230
Vignajeth
  • 111
  • 2

1 Answers1

0

The RabbitMQ team monitors this mailing list and only sometimes answers questions on StackOverflow.

When I have run into the same "waiting for handshake" symptom as you describe it has been because one of the certificate paths is invalid (certfile, keyfile or cacertfile). Double-check that those paths are correct and that the rabbitmq user can read them.

Luke Bakken
  • 211
  • 2
  • 5