Answer the question
In order to leave comments, you need to log in
How to connect to rabbitmq behind ssl proxy?
Greetings, there are 3 nodes with rabbitmq, the documentation describes the possibility of terminating ssl.
Use a proxy or load balancer (such as HAproxy) to perform TLS termination of client connections and use plain TCP connections to RabbitMQ nodes.
stream {
upstream rabbitmq {
server rabbit01:5672;
server rabbit02:5672;
server rabbit03:5672;
}
server {
listen 25672 ssl;
proxy_pass rabbitmq;
ssl_certificate /etc/nginx/ssl/rabbitmq/server.crt;
ssl_certificate_key /etc/nginx/ssl/rabbitmq/server.key;
ssl_session_cache shared:SSL1:10m;
ssl_session_timeout 4h;
}
}
C:\Python>C:\Python\Python37-32\python.exe C:\python\mq-send.py
INFO 2019-09-19 18:08:54,277 __main__ connect 32 : Connecting to: amqp://admin:admin@rabbit.proxy01.int:25672/
INFO 2019-09-19 18:08:54,308 pika.adapters.utils.connection_workflow start 179 : Pika version 1.1.0 connecting to ('172.16.1.6', 25672)
INFO 2019-09-19 18:08:54,324 pika.adapters.utils.io_services_utils _on_writable 345 : Socket connected: <socket.socket fd=636, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=6, laddr=('10.168.1.124', 58513), raddr=('172.16.1.6', 25672)>
INFO 2019-09-19 18:08:54,324 pika.adapters.utils.connection_workflow _on_transport_establishment_done 428 : Streaming transport linked up: (<pika.adapters.utils.io_services_utils._AsyncPlaintextTransport object at 0x03294770>, _StreamingProtocolShim: <SelectConnection PROTOCOL transport=<pika.adapters.utils.io_services_utils._AsyncPlaintextTransport object at 0x03294770> params=<URLParameters host=rabbit.proxy01.int port=25672 virtual_host=/ ssl=False>>).
ERROR 2019-09-19 18:08:54,324 pika.adapters.utils.io_services_utils _consume 796 : Socket EOF; <socket.socket fd=636, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=6, laddr=('10.168.1.124', 58513), raddr=('172.16.1.6', 25672)>
ERROR 2019-09-19 18:08:54,324 pika.adapters.base_connection _proto_eof_received 445 : Transport indicated EOF.
INFO 2019-09-19 18:08:54,324 pika.adapters.utils.io_services_utils _on_socket_readable 1058: protocol.eof_received() elected to close: <socket.socket fd=636, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=6, laddr=('10.168.1.124', 58513), raddr=('172.16.1.6', 25672)>
INFO 2019-09-19 18:08:54,324 pika.adapters.utils.io_services_utils _initiate_abort 907 : _AsyncTransportBase._initate_abort(): Initiating abrupt asynchronous transport shutdown: state=1; error=None; <socket.socket fd=636, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=6, laddr=('10.168.1.124', 58513), raddr=('172.16.1.6', 25672)>
INFO 2019-09-19 18:08:54,339 pika.adapters.utils.io_services_utils _deactivate 870 : Deactivating transport: state=1; <socket.socket fd=636, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=6, laddr=('10.168.1.124', 58513), raddr=('172.16.1.6', 25672)>
ERROR 2019-09-19 18:08:54,339 pika.adapters.base_connection _proto_connection_lost 429 : connection_lost: StreamLostError: ('Transport indicated EOF',)
INFO 2019-09-19 18:08:54,339 pika.connection _on_stream_terminated 1999: AMQP stack terminated, failed to connect, or aborted: opened=False, error-arg=StreamLostError: ('Transport indicated EOF',); pending-error=None
ERROR 2019-09-19 18:08:54,339 pika.connection _on_stream_terminated 2027: Probably incompatible Protocol Versions
INFO 2019-09-19 18:08:54,339 pika.connection _on_stream_terminated 2061: Connection setup terminated due to IncompatibleProtocolError: The protocol returned by the server is not supported: ("StreamLostError: ('Transport indicated EOF',)",)
ERROR 2019-09-19 18:08:54,339 pika.adapters.utils.connection_workflow _report_completion_and_cleanup 291 : AMQPConnector - reporting failure: AMQPConnectorAMQPHandshakeError: IncompatibleProtocolError: The protocol returned by the server is not supported: ("StreamLostError: ('Transport indicated EOF',)",)
ERROR 2019-09-19 18:08:54,339 pika.adapters.utils.connection_workflow _start_new_cycle_async 746 : AMQP connection workflow failed: AMQPConnectionWorkflowFailed: 1 exceptions in all; last exception - AMQPConnectorAMQPHandshakeError: IncompatibleProtocolError: The protocol returned by the server is not supported: ("StreamLostError: ('Transport indicated EOF',)",); first exception - None.
ERROR 2019-09-19 18:08:54,355 pika.adapters.utils.connection_workflow _report_completion_and_cleanup 723 : AMQPConnectionWorkflow - reporting failure: AMQPConnectionWorkflowFailed: 1 exceptions in all; last exception - AMQPConnectorAMQPHandshakeError: IncompatibleProtocolError: The protocol returned by the server is not supported: ("StreamLostError: ('Transport indicated EOF',)",); first exception - None
INFO 2019-09-19 18:08:54,355 pika.adapters.utils.io_services_utils _close_and_finalize 883 : Closing transport socket and unlinking: state=3; <socket.socket fd=636, family=AddressFamily.AF_INET, type=SocketKind.SOCK_STREAM, proto=6, laddr=('10.168.1.124', 58513), raddr=('172.16.1.6', 25672)>
ERROR 2019-09-19 18:08:54,355 pika.adapters.blocking_connection _create_connection 449 : Connection workflow failed: AMQPConnectionWorkflowFailed: 1 exceptions in all; last exception - AMQPConnectorAMQPHandshakeError: IncompatibleProtocolError: The protocol returned by the server is not supported: ("StreamLostError: ('Transport indicated EOF',)",); first exception - None
ERROR 2019-09-19 18:08:54,355 pika.adapters.blocking_connection _create_connection 456 : Error in _create_connection().
#!/usr/bin/env python
import pika
import sys
import ssl
# connection string and initialization
parameters = pika.URLParameters('amqps://admin:[email protected]:25672/')
parameters.ssl = True
parameters.ssl_options = dict(ssl_version=ssl.PROTOCOL_TLSv1_2)
connection = pika.BlockingConnection(parameters)
channel = connection.channel()
connection = pika.BlockingConnection(parameters)
channel = connection.channel()
message='This is not a message, this is a pythonic tribute to a message'
my_routing_key='tributes'
exchange_name='postal'
channel.exchange_declare(exchange=exchange_name,
exchange_type='direct',
durable=True)
channel.basic_publish(exchange=exchange_name,
routing_key=my_routing_key,
body=message)
channel.close()
connection.close()
File "C:\python\mq-send.py", line 8, in
parameters.ssl = True
AttributeError: 'URLParameters' object has no attribute 'ssl'
Answer the question
In order to leave comments, you need to log in
I believe that the last error is simply related to the difference in Pika versions, try to specify all the parameters for `pika.URLParameters` through the string and do not modify `parameters` manually after.
About certificates: if you just need a TLS connection, then the client should not need certificates, but if the authenticity of the server (and client) is determined by certificates, then in this case the client needs them. Example from documentation .
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question