Hi,

I am trying to encrypt data on my RabbitMQ communication.

On the RabbitMQ server end I am using OpenSSL, and on the client end I can't use OpenSSL but I can use mbedtls.

I am using version mbedtls-2.26.0 in my rabbitmq-c client.

The certificate is generated via https://github.com/michaelklishin/tls-gen

The certificate is valid and has no issue because the communication works fine when I use the ssl_client2 and ssl_server2 applications from mbedtls-2.26.0\programs.

The communication works fine when I use the rabbitmq openssl client and openssl server.

But when I try to use the rabbitmq openssl server and ssl_client2 from mbedtls-2.26.0\programs, the connection is reset.

I think it's a config issue but I am not able to figure out the solution or the root cause.

I am not sure if I can use an mbedtls client with an openssl server.

Could you please help me with this?

Below is the log from Wireshark. Attached is the log from the ssl_client2 program.

After the certificate is verified, the broker resets the connection.

TCP      60271 → 5671   [SYN] Seq=0 Win=65535 Len=0 MSS=65475 WS=256 SACK_PERM=1
TCP      5671 → 60271   [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=65475 WS=256 SACK_PERM=1
TCP      60271 → 5671   [ACK] Seq=1 Ack=1 Win=2618880 Len=0
TLSv1.2  Client Hello
TCP      5671 → 60271   [ACK] Seq=1 Ack=305 Win=2618880 Len=0
TLSv1.2  Server Hello, Certificate, Server Key Exchange, Certificate Request, Server Hello Done
TCP      60271 → 5671   [ACK] Seq=305 Ack=1976 Win=2616832 Len=0
TLSv1.2  Certificate
TCP      5671 → 60271   [ACK] Seq=1976 Ack=945 Win=2618112 Len=0
TLSv1.2  Client Key Exchange
TCP      5671 → 60271   [ACK] Seq=1976 Ack=1088 Win=2618112 Len=0
TLSv1.2  Certificate Verify
TCP      5671 → 60271   [ACK] Seq=1976 Ack=1173 Win=2618112 Len=0
TLSv1.2  Change Cipher Spec
TCP      5671 → 60271   [ACK] Seq=1976 Ack=1179 Win=2618112 Len=0
TLSv1.2  Encrypted Handshake Message
TCP      5671 → 60271   [ACK] Seq=1976 Ack=1216 Win=2617856 Len=0
TLSv1.2  Change Cipher Spec, Encrypted Handshake Message
TCP      60271 → 5671   [ACK] Seq=1216 Ack=2019 Win=2616832 Len=0
TLSv1.2  Application Data
TCP      5671 → 60271   [ACK] Seq=2019 Ack=1245 Win=2617856 Len=0
TLSv1.2  Application Data
TCP      60271 → 5671   [ACK] Seq=1245 Ack=2048 Win=2616832 Len=0
TLSv1.2  Encrypted Alert
TCP      60271 → 5671   [ACK] Seq=1245 Ack=2071 Win=2616832 Len=0
TCP      5671 → 60271   [RST, ACK] Seq=2071 Ack=1245 Win=0 Len=0

Thanks,

Shailaja
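
Added example, not part of the original post: the TLS lines in the capture summary above carry no addresses, but each one is followed by the receiver's ACK, so the sender and size of every TLS message can be recovered from the acknowledgement numbers. The function name `attribute`, its `server_port` parameter and the trimmed trace layout are assumptions of this example.

```python
import re

# Packet summaries from the post; three-way handshake and Win/Len fields trimmed.
TRACE = """\
TLSv1.2 Client Hello
TCP 5671 → 60271 [ACK] Seq=1 Ack=305
TLSv1.2 Server Hello, Certificate, Server Key Exchange, Certificate Request, Server Hello Done
TCP 60271 → 5671 [ACK] Seq=305 Ack=1976
TLSv1.2 Certificate
TCP 5671 → 60271 [ACK] Seq=1976 Ack=945
TLSv1.2 Client Key Exchange
TCP 5671 → 60271 [ACK] Seq=1976 Ack=1088
TLSv1.2 Certificate Verify
TCP 5671 → 60271 [ACK] Seq=1976 Ack=1173
TLSv1.2 Change Cipher Spec
TCP 5671 → 60271 [ACK] Seq=1976 Ack=1179
TLSv1.2 Encrypted Handshake Message
TCP 5671 → 60271 [ACK] Seq=1976 Ack=1216
TLSv1.2 Change Cipher Spec, Encrypted Handshake Message
TCP 60271 → 5671 [ACK] Seq=1216 Ack=2019
TLSv1.2 Application Data
TCP 5671 → 60271 [ACK] Seq=2019 Ack=1245
TLSv1.2 Application Data
TCP 60271 → 5671 [ACK] Seq=1245 Ack=2048
TLSv1.2 Encrypted Alert
TCP 60271 → 5671 [ACK] Seq=1245 Ack=2071
TCP 5671 → 60271 [RST, ACK] Seq=2071 Ack=1245
"""
TCP_RE = re.compile(r"TCP\s+(\d+) → \d+\s+\[([^\]]+)\].*?Ack=(\d+)")

def attribute(trace, server_port=5671):
    """Return (sender, message, tcp_bytes) for each TLS line, then any RST."""
    last_ack, pending, out = {}, None, []
    for line in trace.splitlines():
        if line.startswith("TLS"):
            pending = line.split(None, 1)[1]   # held until the receiver ACKs it
        m = TCP_RE.match(line)
        if not m:
            continue
        src, flags, ack = int(m[1]), m[2], int(m[3])
        who = "server" if src == server_port else "client"
        base = last_ack.get(src, 1)            # relative numbering: 1 after the SYN
        if "RST" in flags:
            out.append((who, "TCP RST", 0))
        elif pending and ack > base:           # src received it, so its peer sent it
            out.append(("client" if who == "server" else "server", pending, ack - base))
            pending = None
        last_ack[src] = ack
    return out
```

On the posted capture this attributes an Encrypted Handshake Message (Finished) to each side and one 29-byte Application Data segment in each direction before the broker on port 5671 sends the 23-byte alert and the RST, which places the reset after the TLS handshake has completed.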