I'm trying to configure SSL in the connection between rabbitmq and Pika client (in python 2.7), therefore I have followed the tutorial in https://www.rabbitmq.com/ssl.html and I generated the certificates using https://github.com/michaelklishin/tls-gen

Rabbitmq seems to work well (I already checked with nmap and port 5671 is opened) but when I am trying to connect with pika client I get the error:

ERROR:pika.adapters.utils.io_services_utils:Socket failed to connect: ; error=104 (Connection reset by peer)

rabbitmq.config:


[
  {rabbit, [
     {ssl_listeners, [{"0.0.0.0", 5671}]},
     {ssl_options, [{cacertfile, "/home/osboxes/tls-gen2/basic/result/ca_certificate.pem"},
                    {certfile,   "/home/osboxes/tls-gen2/basic/result/server_certificate.pem"},
                    {keyfile,    "/home/osboxes/tls-gen2/basic/result/server_key.pem"},
                    {verify,     verify_peer},
                    {fail_if_no_peer_cert, false}]}
   ]}
].

Pika client:

context = ssl.create_default_context(
    cafile="ca_certificate.pem")
context.load_cert_chain(client_certificate.pem",
                        keyfile="client_key.pem", password=None)


ssl_options = pika.SSLOptions(context, "127.0.0.1")
conn_params = pika.ConnectionParameters(port=5671,
                                        ssl_options=ssl_options)
connection = pika.BlockingConnection(conn_params)

Note that I am testing the connection in the same machine and "ca_certificate.pem" is the same file for the client and server. What I am doing wrong?

I already checked similar questions but non of them helped to solve my problem.

0 Answers