使用 .NET 通过 SSL 连接到 RabbitMQ

问题描述 投票:0回答:1

我尝试使用 SSL 从 .NET 应用程序连接到 RabbitMQ。

RabbitMQ 3.8.8、Erlang 22.2、操作系统 Windows

RabbitMQ.Client.Exceptions.BrokerUnreachableException:“指定的端点均无法访问”
内部异常:
    IOException:找不到兼容的身份验证机制 - 服务器提供[]

高级配置

[
    {ssl, [{versions, ["tlsv1.2", "tlsv1.1"]}]},
    {rabbit, [
        {auth_backends, [rabbit_auth_backend_ldap]},
        {auth_mechanisms, ["PLAIN", "AMQPLAIN", "EXTERNAL"]},
        {ssl_listeners, [5671]},
        {ssl_options, [
            {cacertfile,"C:\\Program Files\\RabbitMQ SSL\\cacert.pem"},
            {certfile,"C:\\Program Files\\RabbitMQ SSL\\cert.pem"},
            {keyfile,"C:\\Program Files\\RabbitMQ SSL\\key.pem"},
            {verify,verify_peer},
            {fail_if_no_peer_cert,false}
        ]}
    ]},
    {rabbitmq_auth_backend_ldap, [
        {servers, ["corp.mydamain.com", "10.10.0.4", "10.10.0.6"]},
        {user_dn_pattern, "cn=${username},OU=IT,OU=USR,DC=corp,DC=mydamain,DC=com"},
        {dn_lookup_attribute, "userPrincipalName"},
        {dn_lookup_base, "DC=corp,DC=mydamain,DC=com"},
        {user_dn_pattern, "${username}@corp.mydamain.com"},
        {use_ssl, false},
        {port, 389},
        {log, true},
        {vhost_access_query, {in_group, "CN=GRP_ORG.IT,OU=ORG,OU=GRP,DC=corp,DC=mydamain,DC=com"}},
        {resource_access_query, {in_group, "CN=GRP_ORG.IT,OU=ORG,OU=GRP,DC=corp,DC=mydamain,DC=com"}},
        {tag_queries, [
            {administrator, {constant, false}},
            {management, {constant, true}}
        ]}
    ]}
].

我尝试删除 auth_mechanisms 参数。然后我得到错误:

RabbitMQ.Client.Exceptions.BrokerUnreachableException:“指定的端点均无法访问”
内部异常:
    IOException:找不到兼容的身份验证机制 - 服务器提供 [AMQPLAIN PLAIN]

我使用.NET RabbitMQ.Client 5.2.0

源代码

var factory = new ConnectionFactory
{
    HostName = "dtc01-betst1",
    Port = AmqpTcpEndpoint.DefaultAmqpSslPort,
    VirtualHost = "/",
    AuthMechanisms = new AuthMechanismFactory[] { new ExternalMechanismFactory() }
};
factory.Ssl.ServerName = "dtc01-betst1.corp.mydamain.com";
factory.Ssl.CertPath = "cert.pem"; // the same file as in {certfile,"C:\\Program Files\\RabbitMQ SSL\\cert.pem"} in advanced.config
factory.Ssl.CertPassphrase = "";
factory.Ssl.Enabled = true;
factory.Ssl.Version = SslProtocols.Tls12;

using (var con = factory.CreateConnection())
using (var channel = con.CreateModel())
{
    ...
}
c# .net ssl rabbitmq
1个回答
0
投票

您应该在配置文件中使用正斜杠。

由于您尝试使用X509证书身份验证,因此必须确保

rabbitmq-auth-mechanism-ssl
插件已启用:

rabbitmq-plugins.bat enable rabbitmq_auth_mechanism_ssl

如果这不能解决您的问题,我强烈建议您在 

rabbitmq-users
邮件列表上寻求帮助。

最新问题
© www.soinside.com 2019 - 2024. All rights reserved.