search

rabbitmq / tls-gen

Generates self-signed x509/TLS/SSL certificates useful for development
Mozilla Public License 2.0
368 stars 103 forks source link

wrong certificates #13

Closed dersar00 closed 5 years ago

dersar00 commented 6 years ago

Hello. I'm using vagrant for my local development where I use rabbitmq and for that try to create certificates using your product. When I used ubuntu 16.04 as my vagrant box everything work well, I could create certificates and they are worked well(OpenSSL 1.0.2g 1 Mar 2016), after I moved my vagrant to ubuntu 18.04 (OpenSSL 1.1.0g 2 Nov 2017) I could create certificates in the same way but they are didn't work. I tried use certificates created with in my ubuntu 16.04 system with OpenSSL 1.0.2g 1 Mar 2016 in my ubuntu 18.04 and everything works well, but certificates created in the same way with OpenSSL 1.1.0g 2 Nov 2017 broken it. Why it can be?

lukebakken commented 6 years ago

Hello! Could you please give more information -

dersar00 commented 6 years ago

Hello @lukebakken!

  1. As server, I'm using rabbitmq tls server, as a client, it can be different client for example a ruby client that use bunny.
  2. "Broken" mean that certificates created with OpenSSL 1.1.0g 2 Nov 2017 is didn't work with rabbitmq.
  3. When I start rabbitmq it's log me [info] <0.680.0> started SSL listener on [::]:5671.
  4. My ruby worker that used bunny for connection to rabbitmq return me error Connection reset by peer - SSL_connect (Errno::ECONNRESET).
  5. Sorry, how I can check with openssl x509?
  6. Yes, I checked withopenssl s_server and openssl s_client, it return me a right result.
lukebakken commented 6 years ago

Hi @dersar00 - thanks for all of that information. Since the certificates work with openssl s_server and s_client, we know that this project is not the problem. I regularly use this project to generate certificates for testing RabbitMQ (using openssl 1.1.1).

More questions -

michaelklishin commented 5 years ago

Closing due to lack of details and activity.