时间戳

首页 > 解决方案 > Going about Testing an SSL Connection on RabbitMQ

c# - Going about Testing an SSL Connection on RabbitMQ

问题描述

Trying to Connect to Rabbitmq://uri:port/ on an SSL enabled port 

string sslDir = System.IO.Path.GetFullPath(@"C:\temp");
        if (null == sslDir)
        {
            Console.WriteLine("SSL_CERT_DIR is not configured, skipping test");
            return;
        }
        cf.Ssl.ServerName = System.Net.Dns.GetHostName();
        cf.Ssl.CertPath = sslDir + "cert.cer";
        cf.Ssl.Enabled = true;
        try
        {
            var conn = cf.CreateConnection();
            var ch = conn.CreateModel();
            Console.WriteLine("Press key");
            Console.ReadKey();
        }
        catch (Exception e)
        {
            Console.WriteLine(e);
            Console.WriteLine("Press key");
            Console.ReadKey();
            throw;
        }
        finally
        {
            Console.WriteLine("Press key");
            Console.ReadKey();
        }

Throws an exception with the following stacktrace. We have tried several ssl configurations to connect. The two most prominent methods described in 

ConnectionFactory connectionFactory = new ConnectionFactory()
        {
            HostName = ConfigurationManager.AppSettings["RABBITMQ_HOST"],
            Port = Convert.ToInt32(ConfigurationManager.AppSettings["RABBITMQ_PORT"]),
            UserName = ConfigurationManager.AppSettings["RABBITMQ_USERNAME"],
            Password = ConfigurationManager.AppSettings["RABBITMQ_PASSWORD"],
            VirtualHost = "MyHostName",
SslPolicyErrors.RemoteCertificateNameMismatch |
SslPolicyErrors.RemoteCertificateChainErrors,
},

Tried the following method to configure SSL using a certificate from the Server's root myservercert.cer as below.

Ssl = new RabbitMQ.Client.SslOption("MYHOST", @"C:\temp\myservercert.cer", true),
AmqpUriSslProtocols = SslProtocols.Tls12,
};

and additionally another SSL Configurator.

                Ssl = new SslOption()
            {
                Enabled = true,
                ServerName = "MyServer.com",
                AcceptablePolicyErrors = SslPolicyErrors.RemoteCertificateNameMismatch |
                                         SslPolicyErrors.RemoteCertificateChainErrors,
            },

But we get the following exception : 

at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
   at System.Security.Cryptography.X509Certificates.X509Utils._QueryCertFileType(String fileName)
   at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromFile(String fileName, Object password, X509KeyStorageFlags keyStorageFlags)
   at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password)
   at RabbitMQ.Client.SslOption.get_Certs()
   at RabbitMQ.Client.SslHelper.TcpUpgrade(Stream tcpStream, SslOption sslOption)
   at RabbitMQ.Client.Impl.SocketFrameHandler..ctor(AmqpTcpEndpoint endpoint, Func`2 socketFactory, Int32 connectionTimeout, Int32 readTimeout, Int32 writeTimeout)
   at RabbitMQ.Client.ConnectionFactory.CreateFrameHandler(AmqpTcpEndpoint endpoint)
   at RabbitMQ.Client.EndpointResolverExtensions.SelectOne[T](IEndpointResolver resolver, Func`2 selector)
   --- End of inner exception stack trace ---
   at RabbitMQ.Client.EndpointResolverExtensions.SelectOne[T](IEndpointResolver resolver, Func`2 selector)
   at RabbitMQ.Client.ConnectionFactory.CreateConnection(IEndpointResolver endpointResolver, String clientProvidedName)
   --- End of inner exception stack trace ---
   at RabbitMQ.Client.ConnectionFactory.CreateConnection(IEndpointResolver endpointResolver, String clientProvidedName)
   at RabbitMQ.Client.ConnectionFactory.CreateConnection()

Most of the SSL Configuration Settings are taken care of by us. For instance, the following parameters are ensured for accuracy

However We do not have user friendly error messages. The exact settings required is kind of undebuggable.

The exact snippet of code I use is below. 

var cf = new ConnectionFactory()
        {
            HostName = ConfigurationManager.AppSettings["RABBITMQ_HOST"],
            Port = Convert.ToInt32(ConfigurationManager.AppSettings["RABBITMQ_PORT"]),
            UserName = ConfigurationManager.AppSettings["RABBITMQ_USERNAME"],
            Password = ConfigurationManager.AppSettings["RABBITMQ_PASSWORD"],
            VirtualHost = ConfigurationManager.AppSettings["RABBITMQ_VIRTUALHOSTNAMES"],
            RequestedHeartbeat = 300,
            AutomaticRecoveryEnabled = false
        };

Is there a way to debug rabbitmq connections on powershell or shell?

标签: c#.netpowershellsslrabbitmq

解决方案

推荐阅读