I am having trouble connecting via TLS to a RabbitMQ broker on an Ubuntu 18.04 server. I am using the following code on the client side.

    using RabbitMQ.Client;
    using RabbitMQ.Client.Events;
    using System;
    using System.Net.Security;
    using System.Security.Authentication;
    using System.Text;

    namespace firstConsumer
    {
        class Program
        {
            static void Main(string[] args)
            {
                var factory = new ConnectionFactory()
                {
                    HostName = "my-domain.de",
                    UserName = "main",
                    Password = "1234",
                    Port = 5671,
                    Ssl = new SslOption
                    {
                        Enabled = true,
                        Version = SslProtocols.Tls12,
                        ServerName = "my-domain.de",
                        AcceptablePolicyErrors = SslPolicyErrors.RemoteCertificateNameMismatch |
                                                 SslPolicyErrors.RemoteCertificateChainErrors |
                                                 SslPolicyErrors.RemoteCertificateNotAvailable,
                    }
                };

                using (var connection = factory.CreateConnection())
                {
                    using (var channel = connection.CreateModel())
                    {
                        channel.QueueDeclare(queue: "test-queue",
                                             durable: false,
                                             exclusive: false,
                                             autoDelete: true,
                                             arguments: null);

                        var consumer = new EventingBasicConsumer(channel);
                        consumer.Received += (model, ea) =>
                        {
                            var body = ea.Body.ToArray();
                            var message = Encoding.UTF8.GetString(body);
                            Console.WriteLine(" [x] Received {0}", message);
                        };

                        channel.BasicConsume(queue: "test-queue",
                                             autoAck: true,
                                             consumer: consumer);

                        Console.WriteLine(" Press [enter] to exit.");
                        Console.ReadLine();
                    }
                }
            }
        }
    }

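This is one of the code examples from the RabbitMQ documentation for connecting to the broker over TLS with C#.
RabbitMQ runs in a Docker container with a valid certificate from Certbot (Let's Encrypt). It is also listening on the correct TLS port: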

    rabbitmq_1 | 2020-08-01 16:40:42.082 [info] <0.523.0> started TCP listener on [::]:5672
    rabbitmq_1 | 2020-08-01 16:40:42.147 [info] <0.540.0> started TLS (SSL) listener on [::]:5671

This is my docker-compose file:

    version: '3'
    services:
      rabbitmq:
        image: 'rabbitmq:3'
        hostname: 'rabbitmq'
        ports:
          - '4369:4369'
          - '5672:5672'
          - '5671:5671'
          - '25672:25672'
        volumes:
          - ./config/rabbitmq.conf:/etc/rabbitmq/rabbitmq.conf
          - ./Cert/Cert-tls-gen/:/cert/

These are my port settings in ufw:

    Zu                            Aktion      Von
    --                            ------      ---
    OpenSSH                       ALLOW       Anywhere
    5672                          ALLOW       Anywhere
    Nginx Full                    ALLOW       Anywhere
    5671                          ALLOW       Anywhere
    20,21,10000:10100/tcp         ALLOW       Anywhere
    21                            DENY        Anywhere
    OpenSSH (v6)                  ALLOW       Anywhere (v6)
    5672 (v6)                     ALLOW       Anywhere (v6)
    Nginx Full (v6)               ALLOW       Anywhere (v6)
    5671 (v6)                     ALLOW       Anywhere (v6)
    20,21,10000:10100/tcp (v6)    ALLOW       Anywhere (v6)
    21 (v6)                       DENY        Anywhere (v6)

When I try to run the C# code, I always get the following error message.
IOException: Authentication failed because the remote party has closed the transport stream.
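And there are no entries in the RabbitMQ log for the connection attempts over TLS. Nothing happens. RabbitMQ simply does not notice any connection attempt over TLS.
When I remove the SSL settings and try to connect over TCP on port 5672, the code above works fine. Without TLS I also get the log entries for the client connection, and everything works.
To me it looks like the server is refusing the connection, but I don't know why.
This is a new server with only nginx and one Docker container.
I also tried the Java example over TLS, with the same result. But it works without the TLS settings.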
Exception in thread "main" javax.net.ssl.SSLException: Connection reset
I would be very grateful if someone could help me solve this problem. I have been trying to solve it for 3 days.
Thanks
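
One way to separate the failure stages described in the question (plain TCP works, the TLS port accepts the connection but the handshake is cut off), as an added example that is not part of the original post. `probe_tls` and `start_closing_listener` are hypothetical names, and the local listener is a constructed stand-in for a port that accepts TCP and then hangs up before any TLS is spoken.

```python
import socket
import ssl
import threading


def probe_tls(host, port, server_name=None, timeout=5.0):
    """Report how far a fully verified TLS connection to host:port gets."""
    ctx = ssl.create_default_context()  # verifies certificate chain and hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    try:
        raw = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return "tcp_failed", str(exc)  # firewall, port mapping, or no listener
    try:
        with ctx.wrap_socket(raw, server_hostname=server_name or host) as tls:
            return "ok", tls.version()
    except ssl.SSLCertVerificationError as exc:
        return "cert_rejected", exc.verify_message
    except (ssl.SSLEOFError, ConnectionError) as exc:
        # The C# and Java errors quoted in the question fall into this class.
        return "closed_during_handshake", str(exc)
    except ssl.SSLError as exc:
        # An abrupt close can also surface as a generic SSLError mentioning EOF.
        kind = "closed_during_handshake" if "eof" in str(exc).lower() else "tls_error"
        return kind, str(exc)
    except OSError as exc:
        return "handshake_io_error", str(exc)  # for example a timeout
    finally:
        raw.close()  # no-op if wrap_socket already took over the descriptor


def start_closing_listener():
    """Constructed stand-in: accept one TCP connection on 127.0.0.1, then hang up."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve():
        conn, _ = srv.accept()
        conn.close()  # peer goes away before sending any TLS record
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port


if __name__ == "__main__":
    print(probe_tls("127.0.0.1", start_closing_listener()))
    # Against a real broker: probe_tls("<broker-host>", 5671)
```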