我想使用 SSL 创建一个 AMQP 客户端并连接到我的 ActiveMQ Artemis 代理。对于此任务,我从Qpid Proton 存储库中获取了一个示例项目,并对其进行了一些修改:
def on_start(self, event):
ssl_domain = SSLDomain(SSLDomain.MODE_CLIENT)
ssl_domain.set_credentials(cert_file=str('./ssl/cert.pem'),
key_file=str('./ssl/key.pem'),
password=str('QWErty123'))
ssl_domain.set_trusted_ca_db(certificate_db=str('./ssl/ca.pem'))
ssl_domain.set_peer_authentication(SSLDomain.VERIFY_PEER_NAME)
self.container = event.container
self.conn = event.container.connect(self.url, ssl_domain=ssl_domain, allowed_mechs="EXTERNAL")
self.server = event.container.create_sender(self.url)
cert.pemca.pemkey.pemamqps://localhost:61616/Server.RQ
当我尝试在 Windows 10 中运行该项目时,出现错误:
Traceback (most recent call last):
File "C:\Users\Daemon2017\PycharmProjects\python-server\server\client.py", line 43, in <module>
Container(Send("amqps://localhost:61616/Server.RQ", "Client.RQ")).run()
File "C:\Program Files\Python310\lib\site-packages\proton\_reactor.py", line 197, in run
while self.process():
File "C:\Program Files\Python310\lib\site-packages\proton\_reactor.py", line 260, in process
event.dispatch(handler)
File "C:\Program Files\Python310\lib\site-packages\proton\_events.py", line 161, in dispatch
self.dispatch(h, type)
File "C:\Program Files\Python310\lib\site-packages\proton\_events.py", line 158, in dispatch
_dispatch(handler, type.method, self)
File "C:\Program Files\Python310\lib\site-packages\proton\_events.py", line 129, in _dispatch
m(*args)
File "C:\Program Files\Python310\lib\site-packages\proton\_handlers.py", line 753, in on_reactor_init
self.on_start(event)
File "C:\Users\Daemon2017\PycharmProjects\python-server\server\client.py", line 16, in on_start
ssl_domain.set_credentials(cert_file=str('./ssl/cert.pem'),
File "C:\Program Files\Python310\lib\site-packages\proton\_transport.py", line 755, in set_credentials
return self._check(pn_ssl_domain_set_credentials(self._domain,
File "C:\Program Files\Python310\lib\site-packages\proton\_transport.py", line 725, in _check
raise exc("SSL failure.")
proton._exceptions.Timeout: SSL failure.
我认为 Windows 库出了问题,并尝试在 Ubuntu 中运行该项目,但得到了不同的错误:
Traceback (most recent call last):
File "/home/daemon2017/python-server/server/client.py", line 43, in <module>
Container(Send("amqps://localhost:61616/Server.RQ", "Client.RQ")).run()
File "/home/daemon2017/.local/lib/python3.10/site-packages/proton/_reactor.py", line 197, in run
while self.process():
File "/home/daemon2017/.local/lib/python3.10/site-packages/proton/_reactor.py", line 260, in process
event.dispatch(handler)
File "/home/daemon2017/.local/lib/python3.10/site-packages/proton/_events.py", line 161, in dispatch
self.dispatch(h, type)
File "/home/daemon2017/.local/lib/python3.10/site-packages/proton/_events.py", line 158, in dispatch
_dispatch(handler, type.method, self)
File "/home/daemon2017/.local/lib/python3.10/site-packages/proton/_events.py", line 129, in _dispatch
m(*args)
File "/home/daemon2017/.local/lib/python3.10/site-packages/proton/_handlers.py", line 753, in on_reactor_init
self.on_start(event)
File "/home/daemon2017/python-server/server/client.py", line 15, in on_start
ssl_domain = SSLDomain(SSLDomain.MODE_CLIENT)
File "/home/daemon2017/.local/lib/python3.10/site-packages/proton/_transport.py", line 720, in __init__
raise SSLUnavailable()
proton._exceptions.SSLUnavailable
我做错了什么?
版本:
我意识到我正在处理两个不同的问题:
我设法解决了这两个问题:
1)我创建了一个 bash 管道,它以正确的顺序安装 Ubuntu 20.04.6 LTS/22.04.1 LTS 的所有依赖项:
sudo add-apt-repository ppa:deadsnakes/ppa
sudo apt-get install python3.9 python3-pip python3.9-dev python3.9-distutils pkg-config swig libsasl2-dev libssl-dev
python3.9 -m pip install python-qpid-proton --verbose --no-cache-dir
python3.9 -c "import proton; print('%s' % 'SSL present' if proton.SSL.present() else 'SSL NOT AVAILBLE')"
2)我已将 Linux PEM 转换为 Windows p12:
openssl pkcs12 -export -out cert.p12 -passin pass:MYPASS -passout pass:MYPASS -inkey key.pem -in cert.pem -name cert_friendlyname
openssl pkcs12 -export -out ca.p12 -in ca.pem -name ca-certificate -nokeys -passout pass:
现在工作正常了:
ssl_domain.set_credentials(cert_file=str('./ssl/cert.p12'),
key_file=str('cert_friendlyname'),
password=str('QWErty123'))
ssl_domain.set_trusted_ca_db(certificate_db=str('./ssl/ca.p12'))
感谢您的提示 消息错误不太清楚。
就我而言,我将 docker 映像从“python:3.9-slim”更改为“python:3.9”。 看来还是有效果的