2

I created an Amazon MQ broker:

  • Select broker engine: RabbitMQ 3.8.6
  • Single-instance broker
  • Network and security: Public access
  • VPC and subnets: Use the default VPC and subnet(s)

I have tried two libraries: from RabbitMQ manual and Enqueue\AmqpExt

Either of them cannot connect to Amazon (with docker container all works fine. But I want to try AMAZON MQ.

I used code below:

    use Enqueue\AmqpExt\AmqpConnectionFactory;
    use PhpAmqpLib\Connection\AMQPSSLConnection;

    $connectionFactory = new AmqpConnectionFactory([
        'host'      => 'b-da219bXXXXXXXXXXXX86a.mq.us-east-1.amazonaws.com',
        'port'      => 5671,
        'vhost'     => '/',
        'user'      => 'xxxx',    
        'pass'      => 'xxxx', // I can login with this to rabbit admin panel
        'persisted' => false,
        'ssl_on' => false,
        'ssl_verify' => false,
    ]);

    $c = $connectionFactory->createContext();

    $queue = $c->createQueue('emails');
    $c->declareQueue($queue);

Result:

  Library error: connection closed unexpectedly - Potential login failure.

With 'ssl_on' => true the same error.

I don't know can it be happen because I didn't provide ssl cert to amazon.

If so, how to fix it?

Tim
  • 1,798
  • 2
  • 15
  • 20

4 Answers4

4

I've had success with php-amqplib, and I am actually not using the newest version (I am on v2.12.3). I can connect using this:

$connection = new AMQPSSLConnection($host, $port, $user, $pass, $vhost, ['verify_peer_name' => false], [], 'ssl');

I found that I had to set 'verify_peer_name' => false, or else I just got a unable to connect to ssl://localhost:5671 (Unknown error) error, but I was also port-forwarding through localhost.

polesen
  • 713
  • 1
  • 6
  • 18
2

Answered by @Eugene K in a sub-comment:

You need to add the DSN to the SSLOptions array, and you need to use a AMQPSSLConnection instead of an AMQPStreamConnection

        $this->connection = new AMQPSSLConnection(
        'myhost.mq.eu-west-1.amazonaws.com',
        '5671',
        'username',
        'xxx',
        '/',
        [
            'dsn' => 'amqps:'
        ]
    );
Edmunds22
  • 715
  • 9
  • 10
  • 2
    After trying dozens of solutions found in internet that one is the only solution that helped me. – Megas Jan 05 '22 at 12:16
1

Amazon MQ broker (RabbitMQ specifically) is using SSL by default (you can notice that connection string starts with amqps, not amqp

In your case, you should set to true ssl_on and ssl_verify options

Eugene K
  • 13
  • 4
  • This was my first config (no ssl). – Tim Nov 19 '20 at 20:40
  • 1
    Have you tried to set `'dsn' => 'amqps:'` in options? – Eugene K Nov 23 '20 at 12:45
  • Nope. Can you recommend a PHP library which is works? I think it is a problem with them: Enqueue\AmqpExt\AmqpConnectionFactory && PhpAmqpLib\Connection\AMQPSSLConnection – Tim Nov 26 '20 at 08:12
  • @EugeneK Have you find any PHP library which can work with "amqps" protocol, I am getting this error `Unable to find the socket transport "amqp" - did you forget to enable it when you configured PHP?` – Raj Jagani Sep 09 '21 at 13:32
1

I see you installed amqp-ext and using it's ConnectionFactory

use Enqueue\AmqpExt\AmqpConnectionFactory; but

If you are using php-enqueue and want to connect to AWS AMQ RabbitMQ you should install and use enqueue/amqp-lib instead of enqueue/amqp-ext

and connection details

use Enqueue\AmqpLib\AmqpConnectionFactory;

new AmqpConnectionFactory([

    'host' => env('RABBITMQ_HOST'),
    'port' => env('RABBITMQ_PORT', 5672),
    'vhost' => env('RABBITMQ_DEFAULT_VHOST'),
    'user' => env('RABBITMQ_USERNAME'),
    'pass' => env('RABBITMQ_PASSWORD'),
    'persisted' => false,
    'ssl_on' => true,
    'ssl_verify' => true,

]);
Alper
  • 231
  • 4
  • 11