All geek questions in one place

RabbitMQ + C # + SSL

I am trying to use C # to force RabbitMQ 3.6.2 to use SSL / TLS in Windows 7 against Erlang 18.0. I run errors when I include SSL in my C # code. I followed the steps to configure SSL / TLS here . I also went through the [troubleshooting steps] [2], which show success (except that I could not complete the stunnel step due to the ignorance of the stunnel). Here is my C # code trying to connect to RabbitMQ:

var factory = new ConnectionFactory()
{
    // NOTE: guest username ONLY works with HostName "localhost"!
    //HostName = Environment.MachineName,
    HostName = "localhost",
    UserName = "guest",
    Password = "guest",
};

// Without this line, RabbitMQ.log shows error: "SSL: hello: tls_handshake.erl:174:Fatal error: protocol version"
// When I add this line to go to TLS 1.2, .NET throws an exception: The remote certificate is invalid according to the validation procedure.
//      /questions/174720/the-remote-certificate-is-invalid-according-to-the-validation-procedure:
//      Walked through this tutorial to add the client certificate as a Windows Trusted Root Certificate: http://www.sqlservermart.com/HowTo/Windows_Import_Certificate.aspx
factory.Ssl.Version = SslProtocols.Tls12;

factory.Ssl.ServerName = "localhost"; //System.Net.Dns.GetHostName();
factory.Ssl.CertPath = @"C:\OpenSSL-Win64\client\keycert.p12";
factory.Ssl.CertPassphrase = "Re$sp3cMyS3curi1ae!";
factory.Ssl.Enabled = true;
factory.Port = 5671;

// Error: "The remote certificate is invalid according to the validation procedure."
using (var connection = factory.CreateConnection())
{
}

qaru.site/questions/174720/... " ". , , , , . , , OpenSSL, Windows . . , ?

: , SSL :

var factory = new ConnectionFactory();
factory.HostName = ConfigurationManager.AppSettings["rabbitmqHostName"];

factory.AuthMechanisms = new AuthMechanismFactory[] { new ExternalMechanismFactory() };
// Note: This should NEVER be "localhost"
factory.Ssl.ServerName = ConfigurationManager.AppSettings["rabbitmqServerName"];
// Path to my .p12 file.
factory.Ssl.CertPath = ConfigurationManager.AppSettings["certificateFilePath"];
// Passphrase for the certificate file - set through OpenSSL
factory.Ssl.CertPassphrase = ConfigurationManager.AppSettings["certificatePassphrase"];
factory.Ssl.Enabled = true;
// Make sure TLS 1.2 is supported & enabled by your operating system
factory.Ssl.Version = SslProtocols.Tls12;
// This is the default RabbitMQ secure port
factory.Port = 5671;
factory.VirtualHost = "/";
// Standard RabbitMQ authentication (if not using ExternalAuthenticationFactory)
//factory.UserName = ConfigurationManager.AppSettings["rabbitmqUsername"];
//factory.Password = ConfigurationManager.AppSettings["rabbitmqPassword"];

using (var connection = factory.CreateConnection())
{
    using (var channel = connection.CreateModel())
    {
        // publish some messages...
    }
}

,

Andy

+7
4

- , Ssl.ServerName, SSL- .

, SSL ( ) ( , , , ) - . Ssl.CertPath, , , .

+5

.NET 4.5 ( 3.6.6) / RabbitMQ Windows ( 3.6.6, Erlang 19.2).

RabbitMQ , factory . SslOption.

? , .

0

, Ssl.ServerName Common Name (CN) , , .

factory.Ssl.ServerName = "[certificate cn]";

python ( ), , , Python ( ?).

0

, , .

my client certificate is cn = 'myclient' and my rabbitmq username is also myclient. I'm trying to connect, but I can’t, please help me how to do this.

Thanks Rk

0
source

Source: https://habr.com/ru/post/1655494/

More articles:


All Articles