相同的代码可以在Ubuntu上运行,而不是在Centos上运行!防火墙已经关闭!
Ubuntu 16.04,python版本3.5.2。
Centos 7,python版本3.5.2。
Ubuntu和centos是新安装在virtualbox中的! RabbitMq配置tls!
On Centos,如果连接rabbitmq disable ssl没问题,但是如果连接rabbitmq启用ssl失败。
你能帮帮我吗?非常感谢!这是rabbitmq配置:
rabbit, [
{ loopback_users, [ ] },
{ tcp_listeners, [ 5672 ] },
{ ssl_listeners, [ 5671 ] },
{ ssl_options, [
{ cacertfile, "/ca/private/ca.crt" },
{ certfile, "/ca/server/server.pem" },
{ fail_if_no_peer_cert, false },
{ keyfile, "/ca/server/server.key" },
{ verify, verify_peer }
] },
{ hipe_compile, false }
]
这段代码:
#!/usr/bin/env python3.5
import pika
import ssl
ssl_options = {
"ca_certs":"/root/ca/private/ca.crt",
"certfile": "/root/ca/rbq/client.crt",
"keyfile": "/root/ca/rbq/client.key",
"cert_reqs": ssl.CERT_REQUIRED,
"ssl_version":ssl.PROTOCOL_TLSv1_2
}
credentials = pika.PlainCredentials('ttttt', '123456')
parameters = pika.ConnectionParameters(host='192.168.1.164',
port=5671,
virtual_host='/',
heartbeat_interval = 0,
credentials=credentials,
ssl = True,
ssl_options = ssl_options)
connection = pika.BlockingConnection(parameters)
connection.close()
错误信息:
Traceback (most recent call last):
File "./rb.py", line 20, in <module>
connection = pika.BlockingConnection(parameters)
File "/usr/local/lib/python3.5/site-packages/pika/adapters/blocking_connection.py", line 339, in __init__
self._process_io_for_connection_setup()
File "/usr/local/lib/python3.5/site-packages/pika/adapters/blocking_connection.py", line 374, in _process_io_for_connection_setup
self._open_error_result.is_ready)
File "/usr/local/lib/python3.5/site-packages/pika/adapters/blocking_connection.py", line 395, in _flush_output
raise exceptions.ConnectionClosed()
pika.exceptions.ConnectionClosed
这个rabbitmq服务器日志:
[root@master1 rabbitmq]# tail rabbit@master1.log
SSL: certify: ssl_alert.erl:93:Fatal error: decrypt error
=INFO REPORT==== 22-Aug-2016::12:50:48 ===
accepting AMQP connection <0.22118.20> (192.168.1.131:48526 -> 192.168.1.164:5671)
=INFO REPORT==== 22-Aug-2016::12:50:48 ===
closing AMQP connection <0.22118.20> (192.168.1.131:48526 -> 192.168.1.164:5671)
=ERROR REPORT==== 22-Aug-2016::12:54:04 ===
SSL: certify: ssl_alert.erl:93:Fatal error: decrypt error