我正在通过ssl连接跟踪这个tutorial RabbitMQ。
我已经为ssl连接配置了5672端口,我正在启动openssl工具
用于测试本地端口的连接(是RabbitMQ的正式docker容器)。
我的rabbitmq.config是:
[{rabbit, [ {loopback_users, []},
{tcp_listeners, [5671]},
{ssl_listeners, [5672]},
{auth_mechanisms, ['EXTERNAL','PLAIN']},
{handshake_timeout, 60000},
{ssl_options, [
{cacertfile, "/etc/rabbitmq/ssl/ca/cacert.pem" },
{certfile, "/etc/rabbitmq/ssl/server/server.cert.pem" },
{keyfile, "/etc/rabbitmq/ssl/server/server.key.pem" },
{verify, verify_peer},
{ssl_cert_login_from, common_name},
{fail_if_no_peer_cert, true }]}]}].
然后我执行这个命令:
openssl s_client -connect localhost:5672 -cert ../client/client.pem -key ../client/client.key.pem -CAfile ../ca/cacert.pem
我在RabbitMQ日志中收到此错误:
=INFO REPORT==== 6-Apr-2016::14:16:06 ===
accepting AMQP connection <0.696.0> (127.0.0.1:34977 -> 127.0.0.1:5672)
=ERROR REPORT==== 6-Apr-2016::14:16:06 ===
closing AMQP connection <0.696.0> (127.0.0.1:34977 -> 127.0.0.1:5672):
{handshake_timeout,handshake}
答案 0 :(得分:2)
当您看到{handshake_timeout, handshake}时,通常意味着某些事情阻止了AMQP握手(而不是TCP握手)的完成。使用Wireshark进行网络流量后,您可以了解握手过程中的哪个位置失败。