为Rabbitmq管理插件启用TLS
我试图将管理插件配置为使用TLS,但每次都出现以下错误:为Rabbitmq管理插件启用TLS,rabbitmq,Rabbitmq,我试图将管理插件配置为使用TLS,但每次都出现以下错误: =ERROR REPORT==== 8-Jun-2016::15:52:19 === SSL: certify: tls_connection.erl:375:Fatal error: decode error =ERROR REPORT==== 8-Jun-2016::15:52:19 === application: mochiweb "Accept failed error" "{error,{tls_al
=ERROR REPORT==== 8-Jun-2016::15:52:19 ===
SSL: certify: tls_connection.erl:375:Fatal error: decode error
=ERROR REPORT==== 8-Jun-2016::15:52:19 ===
application: mochiweb
"Accept failed error"
"{error,{tls_alert,\"decode error\"}}"
我不想使用与在同一台服务器上运行的nginx相同的证书,nginx配置如下:
...
ssl_certificate /var/certs/crt;
ssl_certificate_key /var/certs/key;
...
[{rabbitmq_management,
[{listener, [{port, 15672},
{ssl, true},
{ssl_opts, [{cacertfile, "/var/certs/ca.pem"},
{certfile, "/var/certs/crt"},
{keyfile, "/var/certs/key"}]}
]}
]}].
它们是pem编码的,crt
是链式证书
我的rabbitmq.config如下所示:
...
ssl_certificate /var/certs/crt;
ssl_certificate_key /var/certs/key;
...
[{rabbitmq_management,
[{listener, [{port, 15672},
{ssl, true},
{ssl_opts, [{cacertfile, "/var/certs/ca.pem"},
{certfile, "/var/certs/crt"},
{keyfile, "/var/certs/key"}]}
]}
]}].
ca.pem
是我从中获得服务器证书的根ca证书。
我如何诊断出问题所在
当我使用自签名证书时,一切都正常,但我真的希望使用我已有的证书
RabbitMQ 3.5.6,Erlang R16B03
它们是pem编码的,crt是链式证书
certfile
需要是独立证书的路径,而不是链式证书。您的证书中似乎有一个错误。它可能与cyphers套件有关,无法解码或无法解码您的特定证书。我已经放弃了这一点,并为此配置了反向代理(nginx)