1
parameters = pika.URLParameters('amqps://<user>:<pass>@<host>/<vhost>')
connection = pika.BlockingConnection(parameters)
channel = connection.channel()

我正进入(状态:ssl.SSLCertVerificationError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1056)

我知道服务器有一个自签名证书。我错过了哪些步骤?

4

1 回答 1

1
    ssl_enabled = settings["rabbitmq"].get("ssl", False)

    rabbitmq_user = settings["rabbitmq"]["user"]
    rabbitmq_password = settings["rabbitmq"]["password"]
    rabbitmq_server = settings["rabbitmq"]["server"]
    rabbitmq_vhost = settings["rabbitmq"]["vhost"]
    rabbitmq_exchange = settings["rabbitmq"]["exchange"]
    rabbitmq_queue = settings["rabbitmq"]["queue"]

    if ssl_enabled:
        context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
        context.verify_mode = ssl.CERT_REQUIRED
        context.load_verify_locations(settings["rabbitmq"].get("ca_bundle", '/etc/pki/tls/certs/ca-bundle.crt'))
        ssl_options = pika.SSLOptions(context)
        port = settings["rabbitmq"].get("port", 5671)
    else:
        ssl_options = None
        port = settings["rabbitmq"].get("port", 5672)

    credentials = pika.credentials.PlainCredentials(
        username=rabbitmq_user, password=rabbitmq_password
    )
    connection_params = pika.ConnectionParameters(
        host=rabbitmq_server,
        ssl_options=ssl_options,
        port=port,
        credentials=credentials,
        virtual_host=rabbitmq_vhost,
        heartbeat=600,
        blocked_connection_timeout=300,
    )
    rabbit = pika.BlockingConnection(connection_params)
    channel = rabbit.channel()

    channel.exchange_declare(
        exchange=rabbitmq_exchange, exchange_type="direct", durable=True
    )
    channel.queue_declare(queue=rabbitmq_queue, durable=True)
    channel.queue_bind(
        exchange=rabbitmq_exchange, queue=rabbitmq_queue, routing_key=rabbitmq_queue
    )

    queue_properties = pika.BasicProperties(delivery_mode=2)
于 2020-05-28T23:12:51.820 回答