Search code examples
pythonubuntucentosrabbitmqpython-pika

Pika can connect to RabbitMq on ubuntu, but not work on Centos?

The same code can work on Ubuntu, not work on Centos! Firewall already closed!

Ubuntu 16.04, python version 3.5.2.

Centos 7,python version 3.5.2.

Ubuntu and centos are the newly installed in virtualbox! RabbitMq config tls!

On Centos, if connect rabbitmq disable ssl is OK, but if connect rabbitmq enable ssl fail.

Can you help me? Thanks very much!

This the rabbitmq config:

rabbit, [
        { loopback_users, [ ] },
        { tcp_listeners, [ 5672 ] },
        { ssl_listeners, [ 5671 ] },
        { ssl_options, [
                { cacertfile, "/ca/private/ca.crt" },
                { certfile, "/ca/server/server.pem" },
                { fail_if_no_peer_cert, false },
                { keyfile, "/ca/server/server.key" },
                { verify, verify_peer }
        ] },
        { hipe_compile, false }
]

This the code:

#!/usr/bin/env python3.5
import pika
import ssl

ssl_options = {    
    "ca_certs":"/root/ca/private/ca.crt",
    "certfile": "/root/ca/rbq/client.crt",
    "keyfile": "/root/ca/rbq/client.key",
    "cert_reqs": ssl.CERT_REQUIRED,
    "ssl_version":ssl.PROTOCOL_TLSv1_2
}
credentials = pika.PlainCredentials('ttttt', '123456')
parameters = pika.ConnectionParameters(host='192.168.1.164',
                                       port=5671,
                                       virtual_host='/',
                                       heartbeat_interval = 0,
                                       credentials=credentials,
                                       ssl = True,
                                       ssl_options = ssl_options)
connection = pika.BlockingConnection(parameters)
connection.close()

This the error msg:

Traceback (most recent call last):
  File "./rb.py", line 20, in <module>
    connection = pika.BlockingConnection(parameters)
  File "/usr/local/lib/python3.5/site-packages/pika/adapters/blocking_connection.py", line 339, in __init__
    self._process_io_for_connection_setup()
  File "/usr/local/lib/python3.5/site-packages/pika/adapters/blocking_connection.py", line 374, in _process_io_for_connection_setup
    self._open_error_result.is_ready)
  File "/usr/local/lib/python3.5/site-packages/pika/adapters/blocking_connection.py", line 395, in _flush_output
    raise exceptions.ConnectionClosed()
pika.exceptions.ConnectionClosed

This rabbitmq server log:

[root@master1 rabbitmq]# tail rabbit@master1.log 
SSL: certify: ssl_alert.erl:93:Fatal error: decrypt error

=INFO REPORT==== 22-Aug-2016::12:50:48 ===
accepting AMQP connection <0.22118.20> (192.168.1.131:48526 -> 192.168.1.164:5671)

=INFO REPORT==== 22-Aug-2016::12:50:48 ===
closing AMQP connection <0.22118.20> (192.168.1.131:48526 -> 192.168.1.164:5671)

=ERROR REPORT==== 22-Aug-2016::12:54:04 ===
SSL: certify: ssl_alert.erl:93:Fatal error: decrypt error
Solution

  • My server certificate uses md5WithRSAEncryption as the signature algorithm

    redhat document about openssl

    I updated algorithm to SHA256. I works OK! :)

    Thanks avij!