我使用RabbitMQ和Mqtt插件。我的docker-compose如下所示:
loopback_users.guest = false
listeners.tcp = none
listeners.ssl.default = 5671
password_hashing_module = rabbit_password_hashing_sha512
# General
ssl_options.cacertfile = /etc/rabbitmq/cert/ca_certificate.pem
ssl_options.certfile = /etc/rabbitmq/cert/server_certificate.pem
ssl_options.keyfile = /etc/rabbitmq/cert/server_key.pem
ssl_options.verify = verify_peer
ssl_options.fail_if_no_peer_cert = true
# Web
management.ssl.port = 15672
management.ssl.cacertfile = /etc/rabbitmq/cert/ca_certificate.pem
management.ssl.certfile = /etc/rabbitmq/cert/server_certificate.pem
management.ssl.keyfile = /etc/rabbitmq/cert/server_key.pem
management.load_definitions = /etc/rabbitmq/definitions.json
# Mqtt plugin
mqtt.allow_anonymous = false
mqtt.listeners.ssl.default = 8883
mqtt.listeners.tcp.default = 1883
我的证书是正确的。Web在安全性方面运行良好。所以我想通过TLS从我的Python应用程序连接到Rabbit。
PATH_CERT = '/<path>/server_certificate.pem'
client = paho.Client()
client.on_connect = on_connect
client.on_publish = on_publish
client.on_message = on_message
client.username_pw_set(MQTT_USER, MQTT_PASSWORD)
client.tls_set(ca_certs = PATH_CERT, tls_version=ssl.PROTOCOL_TLSv1_2)
client.tls_insecure_set(False)
client.connect('my.domain.pl', 8883, 60)
client.loop_forever()
但我得到了错误:
File "/usr/lib/python3.8/ssl.py", line 1309, in do_handshake
self._sslobj.do_handshake()
ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)
密码、用户名和域名都正确。如何解决证书问题?在Python中是否传递正确的证书?
1条答案
按热度按时间oyt4ldly1#
这两个选项将Erlang/RabbitMQ TLS配置为从Python/Paho应用程序请求客户端证书,但您没有在客户端应用程序中提供客户端证书:
**注意:**Team RabbitMQ监控
rabbitmq-users
邮件列表,仅在StackOverflow上偶尔回答问题。