Hi Alan,
I have attempted to add mbedtls support to rabbitmq-c-0.11.0.
Attached are the two files I have added into librabbitmq.
amqp_mbedtls.zip
I am able to create the connection and open the socket, but amqp_login_with_properties() always fails.
I am using mbedtls-2.26.0 on the client side.
Erlang details: OTP version: 24.1.4
Erlang emulator version 12.1.4
I am trying to establish communication with rabbitmq broker version 3.9.8 over SSL using the config below.
[
  {rabbit, [
    {ssl_listeners, [5671]},
    {ssl_options, [{cacertfile, "c:\\ca_certificate.pem"},
                   {certfile, "c:\\server_certificate.pem"},
                   {keyfile, "c:\\server_key.pem"},
                   {verify, verify_peer},
                   {versions, ['tlsv1.2']},
                   {fail_if_no_peer_cert, true}]}
  ]}
].
After the certificate is verified, the broker resets the connection:
TCP 60271 → 5671 [SYN] Seq=0 Win=65535 Len=0 MSS=65475 WS=256 SACK_PERM=1
TCP 5671 → 60271 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=65475 WS=256 SACK_PERM=1
TCP 60271 → 5671 [ACK] Seq=1 Ack=1 Win=2618880 Len=0
TLSv1.2 Client Hello
TCP 5671 → 60271 [ACK] Seq=1 Ack=305 Win=2618880 Len=0
TLSv1.2 Server Hello, Certificate, Server Key Exchange, Certificate Request, Server Hello Done
TCP 60271 → 5671 [ACK] Seq=305 Ack=1976 Win=2616832 Len=0
TLSv1.2 Certificate
TCP 5671 → 60271 [ACK] Seq=1976 Ack=945 Win=2618112 Len=0
TLSv1.2 Client Key Exchange
TCP 5671 → 60271 [ACK] Seq=1976 Ack=1088 Win=2618112 Len=0
TLSv1.2 Certificate Verify
TCP 5671 → 60271 [ACK] Seq=1976 Ack=1173 Win=2618112 Len=0
TLSv1.2 Change Cipher Spec
TCP 5671 → 60271 [ACK] Seq=1976 Ack=1179 Win=2618112 Len=0
TLSv1.2 Encrypted Handshake Message
TCP 5671 → 60271 [ACK] Seq=1976 Ack=1216 Win=2617856 Len=0
TLSv1.2 Change Cipher Spec, Encrypted Handshake Message
TCP 60271 → 5671 [ACK] Seq=1216 Ack=2019 Win=2616832 Len=0
TLSv1.2 Application Data
TCP 5671 → 60271 [ACK] Seq=2019 Ack=1245 Win=2617856 Len=0
TLSv1.2 Application Data
TCP 60271 → 5671 [ACK] Seq=1245 Ack=2048 Win=2616832 Len=0
TLSv1.2 Encrypted Alert
TCP 60271 → 5671 [ACK] Seq=1245 Ack=2071 Win=2616832 Len=0
TCP 5671 → 60271 [RST, ACK] Seq=2071 Ack=1245 Win=0 Len=0
If I switch the client to an amqp ssl connection, the communication works fine.
But in my project I cannot use the openssl client, hence adding mbedtls support.
I am trying to understand what it is that I am missing in the mbedtls client that's causing the broker to reset the connection.
Could you please help?
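
Added example, not part of the original post or of rabbitmq-c: a small triage script that reads the tail of the capture summary above, uses the ACK following each TLS row to work out which side sent it and how many TCP bytes it carried, and checks that both sides' Finished messages (shown as "Encrypted Handshake Message") precede the alert. The function names `attribute` and `finished_by` are hypothetical.

```python
import re

# Tail of the capture summary in the post, from the ACK of the client's
# Certificate Verify onward. TLS rows carry no direction of their own.
TRACE = """\
TCP 5671 → 60271 [ACK] Seq=1976 Ack=1173 Win=2618112 Len=0
TLSv1.2 Change Cipher Spec
TCP 5671 → 60271 [ACK] Seq=1976 Ack=1179 Win=2618112 Len=0
TLSv1.2 Encrypted Handshake Message
TCP 5671 → 60271 [ACK] Seq=1976 Ack=1216 Win=2617856 Len=0
TLSv1.2 Change Cipher Spec, Encrypted Handshake Message
TCP 60271 → 5671 [ACK] Seq=1216 Ack=2019 Win=2616832 Len=0
TLSv1.2 Application Data
TCP 5671 → 60271 [ACK] Seq=2019 Ack=1245 Win=2617856 Len=0
TLSv1.2 Application Data
TCP 60271 → 5671 [ACK] Seq=1245 Ack=2048 Win=2616832 Len=0
TLSv1.2 Encrypted Alert
TCP 60271 → 5671 [ACK] Seq=1245 Ack=2071 Win=2616832 Len=0
TCP 5671 → 60271 [RST, ACK] Seq=2071 Ack=1245 Win=0 Len=0
"""
TCP_ROW = re.compile(r"TCP (\d+) → (\d+) \[([^\]]+)\] Seq=(\d+) Ack=(\d+)")
BROKER = 5671  # ssl_listeners port from the broker config in the post


def attribute(trace):
    """Return [(sender, tls_summary, tcp_bytes)] using the ACK after each TLS row."""
    acked, pending, out = {}, None, []  # acked: port -> bytes of its stream ACKed
    side = lambda port: "broker" if port == BROKER else "client"
    for line in trace.splitlines():
        m = TCP_ROW.match(line)
        if not m:
            pending = line.removeprefix("TLSv1.2 ")
            continue
        src, dst, seq, ack = (int(m.group(i)) for i in (1, 2, 4, 5))
        if "RST" in m.group(3):
            out.append((side(src), "RST", 0))
        elif pending:
            # The ACK's destination is the side that sent the pending TLS row.
            out.append((side(dst), pending, ack - acked[dst]))
            pending = None
        acked[dst] = ack
        acked.setdefault(src, seq)  # first sighting: src's own stream position
    return out


def finished_by(events):
    """Sides whose Finished (Encrypted Handshake Message) precedes the alert."""
    cut = [what for _, what, _ in events].index("Encrypted Alert")
    return {who for who, what, _ in events[:cut] if "Encrypted Handshake" in what}
```

On this trace both sides complete the handshake, each then sends one 29-byte application-data segment, and the alert and the RST both come from the broker, so the reset follows the TLS handshake rather than interrupting it.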