Search code examples
sslwebsocketrabbitmqstomp

SSL configuration issue with RabbitMQ Web-Stomp Plugin


Firstly, I followed this to generate keys, certificates and CA certificates to directories which are client, server and testca. Then I verified, SSL works. Then I followed this to configure RabbitMQ Web-Stomp Plugin, and my ssl_config is as following:

[
  {rabbitmq_web_stomp,
      [{ssl_config, [{port,       15671},
                     {backlog,    1024},
                     {certfile,   "path/to/certs/client/cert.pem"},
                     {keyfile,    "path/to/certs/client/key.pem"},
                     {cacertfile, "path/to/certs/testca/cacert.pem"},
                     {password,   "changeme"}]}]}
].

However, when I tried to connect it via websockets by following code, which is copied from here, and I made some modifications.

<!DOCTYPE html>
<html><head>
  <script src="jquery.min.js"></script>

  <script src="stomp.js"></script>
  <style>
      .box {
          width: 440px;
          float: left;
          margin: 0 20px 0 20px;
      }
      .box div, .box input {
          border: 1px solid;
          -moz-border-radius: 4px;
          border-radius: 4px;
          width: 100%;
          padding: 5px;
          margin: 3px 0 10px 0;
      }
      .box div {
          border-color: grey;
          height: 300px;
          overflow: auto;
      }
      div code {
          display: block;
      }
      #first div code {
          -moz-border-radius: 2px;
          border-radius: 2px;
          border: 1px solid #eee;
          margin-bottom: 5px;
      }
      #second div {
          font-size: 0.8em;
      }
  </style>
  <title>RabbitMQ Web STOMP Examples : Echo Server</title>
  <link href="main.css" rel="stylesheet" type="text/css"/>
</head><body lang="en">
    <h1><a href="index.html">RabbitMQ Web STOMP Examples</a> > Echo Server</h1>

    <div id="first" class="box">
      <h2>Received</h2>
      <div></div>
      <form><input autocomplete="off" value="Type here..."></input></form>
    </div>

    <div id="second" class="box">
      <h2>Logs</h2>
      <div></div>
    </div>

    <script>
        var has_had_focus = false;
        var pipe = function(el_name, send) {
            var div  = $(el_name + ' div');
            var inp  = $(el_name + ' input');
            var form = $(el_name + ' form');
            var print = function(m, p) {
                p = (p === undefined) ? '' : JSON.stringify(p);
                div.append($("<code>").text(m + ' ' + p));
                div.scrollTop(div.scrollTop() + 10000);
            };
            if (send) {
                form.submit(function() {
                    send(inp.val());
                    inp.val('');
                    return false;
                });
            }
            return print;
        };
      // Stomp.js boilerplate

          var client = Stomp.client('wss://192.168.111.131:15671/ws');

      client.debug = pipe('#second');
      var print_first = pipe('#first', function(data) {

            client.send('/queue/webstomp', {"content-type":"text/plain"}, data);


      });
      var on_connect = function(x) {
          id = client.subscribe("/queue/webstomp", function(d) {
               print_first(d.body);
          });
      };
      var on_error =  function() {
        console.log('error');
      };
      client.connect('test', 'test', on_connect, on_error, '/');
      $('#first input').focus(function() {
          if (!has_had_focus) {
              has_had_focus = true;
              $(this).val("");
          }
      });
    </script>
</body></html>

it replied me that I lost connection as following screenshot. enter image description here

I'd be really appreciate any helpful suggestion on this issue.

BTW: this code example works when I didn't use SSL.


Solution

  • Finally I figured this out by referring this post, so the key point is to explicitly authorized my certificate by visiting the address in https first, in my case is wss://192.168.111.131:15671/ws. So I need to visit https://192.168.111.131:15671/ws in browser and authorize the exception and then I can make my wss connection normally.