我当前正在尝试通过.NET连接到RabbitMQ,当我尝试绕过SSL证书验证时,出现以下错误:
Unhandled Exception: RabbitMQ.Client.Exceptions.BrokerUnreachableException:
None of the specified endpoints were reachable ---> System.AggregateException:
One or more errors occurred. (Authentication failed, see inner exception.) --->
System.Security.Authentication.AuthenticationException: Authentication failed,
see inner exception. ---> Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL
error - SSL_ERROR_SSL. ---> Interop+Crypto+OpenSslCryptographicException:
error:14090087:SSL routines:ssl3_get_server_certificate:cert length mismatch
在服务器上,SSL2和SSL3已被禁用。我们正在尝试使用在服务器上启用的TLS1.2。
这是我在Linux上运行的代码,并且已经在Windows计算机上测试了此代码,并且可以正常工作。看来问题仅出现在Linux机器上。这是一个Amazon Linux Distro,但是在Ubuntu上也会出现此问题。
public void Connection(bool useTLS){
ConnectionFactory factory = new ConnectionFactory();
factory.Port = 5671;
factory.UserName = "user";
factory.Password = "password";
factory.VirtualHost = "";
factory.HostName = "develop.example.com";
factory.Ssl.Enabled = true;
factory.Ssl.Version = System.Security.Authentication.SslProtocols.Tls12;
factory.Ssl.CertificateValidationCallback =
(sender, ConsumerTagConvention, chain, SslPolicyErrors) => { return true; };
factory.Ssl.AcceptablePolicyErrors |=
System.Net.Security.SslPolicyErrors.RemoteCertificateChainErrors |
System.Net.Security.SslPolicyErrors.RemoteCertificateNameMismatch |
System.Net.Security.SslPolicyErrors.RemoteCertificateNotAvailable;
IConnection conn = factory.CreateConnection();
if (conn.IsOpen)
{
Console.WriteLine("Connected");
conn.Close();
}
else
Console.WriteLine("Failed");
}
这是用于连接的代码的片段,您可以看到我们添加了SSL策略错误以及CertificateValidationCallBack方法。
不知道这是否只是Linux问题,是否可以解决