import socket, ssl
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(10)
wrapped= ssl.wrap_socket(sock, ssl_version=ssl.PROTOCOL_TLSv1_1)
wrapped.connect(('localhost', 61614))
#etc
RabbitMQ log shows a successful connection:
=INFO REPORT==== 19-Oct-2015::15:31:32 ===
accepting STOMP connection <0.1908.0> (127.0.0.1:57757 -> 127.0.0.1:61614)
Using the openssl client to connect also succeeds (to convince myself)
$ openssl s_client -connect localhost:61614
(snip snip)
Verify return code: 0 (ok)
This doesn't work- it hangs at conn.connect() as wait=True, but Rabbit kills off the connection with an error:
import stomp,ssl
# (snip logging code)
# (snip MyListener class)
print("ok, go!")
conn = stomp.Connection(
host_and_ports=[('myserver.com',61614)])
conn.set_ssl(
for_hosts=['myserver.com'],
ssl_version=ssl.PROTOCOL_TLSv1_1)
conn.set_listener('', MyListener())
conn.start()
conn.connect('user', 'pass', wait=True)
conn.subscribe(destination='/topic/myqueue', id=1, ack='auto')
print("connected")
RabbitMQ's error:
=ERROR REPORT==== 19-Oct-2015::15:03:10 ===
STOMP detected TLS upgrade error on <0.1224.0> (127.0.0.1:52065 -> 127.0.0.1:61614): alert record overflow
Output (including logging output from stomp.py):
ok, go!
2015-10-19 15:22:01,600 - stomp.py - INFO - Attempting connection to host localhost, port 61614
2015-10-19 15:22:01,606 - stomp.py - INFO - Established connection to host localhost, port 61614
2015-10-19 15:22:01,607 - stomp.py - INFO - Starting receiver loop
2015-10-19 15:22:01,608 - stomp.py - DEBUG - Sending frame ['STOMP', '\n', 'accept-version:1.1\n', 'login:user\n', 'passcode:passw0rd\n', '\n', b'\x00']
2015-10-19 15:22:01,611 - stomp.py - INFO - Receiver loop ended
Potential cause: SSL not being negotiated properly [http://erlang.org/pipermail/erlang-questions/2012-December/071099.html]