Rabbitmq authentication failure. wrong credentials?

On Jun 10, 2018, at 9:27 AM, Kaye sanpascual.keeshia@gmail.com wrote:

Hi All,

We are currently deploying Sensu into Production. We have RabbitMQ version 3.6.15 and Erlang 20.3.6 in our server -running CentOS.

Configurations are supposed to be correct as the same configurations run Sensu smoothly on our Development Environment - Ubuntu Server. We have looked for different solutions online but there aren’t enough resources available. We have also tried to upgrade the versions of RabbitMQ and Erlang to latest but it did not resolve the issue. Hoping you could provide suggestions. Thanks!

There are no error displayed when we tail the rabbitmq log but sensu-enterprise.log shows an error message related to amqp credentials

{“timestamp”:“2018-06-10T16:39:15.989000+0200”,“level”:“warn”,“message”:“transport connection error”,“reason”:“possible authentication failure. wrong credentials?”,“user”:“admin”}

/etc/sensu/conf.d/rabbitmq.json

{

“rabbitmq”: {

"host": "xxx@localhost",

"port": 5671,

"user": "admin",

"password": "admin",

"vhost": "/sensu",

"ssl": {

"cert_chain_file": "/etc/sensu/ssl/cert.pem",

"private_key_file": "/etc/sensu/ssl/key.pem"}

}

}

``

/etc/rabbitmq/rabbitmq.config

[{rabbit, [

 {ssl_listeners, [5671]},

 {ssl_options, [{cacertfile,"/etc/rabbitmq/ssl/cacert.pem"},

                {certfile,"/etc/rabbitmq/ssl/cert.pem"},

                {keyfile,"/etc/rabbitmq/ssl/key.pem"},

                {versions, ['tlsv1.2']},

                {verify,verify_peer},

                {fail_if_no_peer_cert,true}]}

]},

{rabbitmq_management, [{listener, [{port, 15672}]}]}

].

``

On Mon, Jun 11, 2018 at 12:27 PM, Keeshia San Pascual sanpascual.keeshia@gmail.com wrote:

Hi Josh,

Thanks for your response! I have already tried changing the admin password and also creating a new user but the issue persists.

rabbitmqctl add_user sensu changeme rabbitmqctl set_user_tags sensu administrator rabbitmqctl set_permissions -p /sensu sensu ".*" ".*" ".*"


I don't see any warning or error message when I tail rabbitmq logs:

[root@xxlocalhost rabbitmq]# tail -f rabbit@localhost.log

Statistics database started.

=INFO REPORT==== 11-Jun-2018::06:21:01 ===

Server startup complete; 6 plugins started.

• rabbitmq_management

• rabbitmq_management_agent

• rabbitmq_web_dispatch

• cowboy

• amqp_client

• cowlib

I kept on seeing the credential issue on Sensu Enterprise and Sensu client logs.

Regards,

Kaye

On Mon, Jun 11, 2018 at 12:17 AM, Josh Pasqualetto joshua.pasqualetto@gmail.com wrote:

Hey Kaye,

Try resetting the password to the admin user, maybe the password isn’t what you think it is.

rabbitmqctl change_password admin New-Password

If that doesn’t work tail the rabbitmq logs and look for any issues. And debug just as you would an authentication issue outside of sensu.

Thanks,

Josh

On Jun 10, 2018, at 9:27 AM, Kaye sanpascual.keeshia@gmail.com wrote:

Hi All,

We are currently deploying Sensu into Production. We have RabbitMQ version 3.6.15 and Erlang 20.3.6 in our server -running CentOS.

Configurations are supposed to be correct as the same configurations run Sensu smoothly on our Development Environment - Ubuntu Server. We have looked for different solutions online but there aren’t enough resources available. We have also tried to upgrade the versions of RabbitMQ and Erlang to latest but it did not resolve the issue. Hoping you could provide suggestions. Thanks!

There are no error displayed when we tail the rabbitmq log but sensu-enterprise.log shows an error message related to amqp credentials

{“timestamp”:“2018-06-10T16:39:15.989000+0200”,“level”:“warn”,“message”:“transport connection error”,“reason”:“possible authentication failure. wrong credentials?”,“user”:“admin”}

/etc/sensu/conf.d/rabbitmq.json

{

“rabbitmq”: {

"host": "xxx@localhost",

"port": 5671,

"user": "admin",

"password": "admin",

"vhost": "/sensu",

"ssl": {

"cert_chain_file": "/etc/sensu/ssl/cert.pem",

"private_key_file": "/etc/sensu/ssl/key.pem"}

}

}

``

/etc/rabbitmq/rabbitmq.config

[{rabbit, [

 {ssl_listeners, [5671]},

 {ssl_options, [{cacertfile,"/etc/rabbitmq/ssl/cacert.pem"},

                {certfile,"/etc/rabbitmq/ssl/cert.pem"},

                {keyfile,"/etc/rabbitmq/ssl/key.pem"},

                {versions, ['tlsv1.2']},

                {verify,verify_peer},

                {fail_if_no_peer_cert,true}]}

]},

{rabbitmq_management, [{listener, [{port, 15672}]}]}

].

``

On Mon, Jun 11, 2018 at 12:27 PM, Keeshia San Pascual sanpascual.keeshia@gmail.com wrote:

Hi Josh,

Thanks for your response! I have already tried changing the admin password and also creating a new user but the issue persists.

rabbitmqctl add_user sensu changeme rabbitmqctl set_user_tags sensu administrator rabbitmqctl set_permissions -p /sensu sensu ".*" ".*" ".*"


I don't see any warning or error message when I tail rabbitmq logs:

[root@xxlocalhost rabbitmq]# tail -f rabbit@localhost.log

Statistics database started.

=INFO REPORT==== 11-Jun-2018::06:21:01 ===

Server startup complete; 6 plugins started.

• rabbitmq_management

• rabbitmq_management_agent

• rabbitmq_web_dispatch

• cowboy

• amqp_client

• cowlib

I kept on seeing the credential issue on Sensu Enterprise and Sensu client logs.

Regards,

Kaye

On Mon, Jun 11, 2018 at 12:17 AM, Josh Pasqualetto joshua.pasqualetto@gmail.com wrote:

Hey Kaye,

Try resetting the password to the admin user, maybe the password isn’t what you think it is.

rabbitmqctl change_password admin New-Password

If that doesn’t work tail the rabbitmq logs and look for any issues. And debug just as you would an authentication issue outside of sensu.

Thanks,

Josh

On Jun 10, 2018, at 9:27 AM, Kaye sanpascual.keeshia@gmail.com wrote:

Hi All,

We are currently deploying Sensu into Production. We have RabbitMQ version 3.6.15 and Erlang 20.3.6 in our server -running CentOS.

Configurations are supposed to be correct as the same configurations run Sensu smoothly on our Development Environment - Ubuntu Server. We have looked for different solutions online but there aren’t enough resources available. We have also tried to upgrade the versions of RabbitMQ and Erlang to latest but it did not resolve the issue. Hoping you could provide suggestions. Thanks!

There are no error displayed when we tail the rabbitmq log but sensu-enterprise.log shows an error message related to amqp credentials

{“timestamp”:“2018-06-10T16:39:15.989000+0200”,“level”:“warn”,“message”:“transport connection error”,“reason”:“possible authentication failure. wrong credentials?”,“user”:“admin”}

/etc/sensu/conf.d/rabbitmq.json

{

“rabbitmq”: {

"host": "xxx@localhost",

"port": 5671,

"user": "admin",

"password": "admin",

"vhost": "/sensu",

"ssl": {

"cert_chain_file": "/etc/sensu/ssl/cert.pem",

"private_key_file": "/etc/sensu/ssl/key.pem"}

}

}

``

/etc/rabbitmq/rabbitmq.config

[{rabbit, [

 {ssl_listeners, [5671]},

 {ssl_options, [{cacertfile,"/etc/rabbitmq/ssl/cacert.pem"},

                {certfile,"/etc/rabbitmq/ssl/cert.pem"},

                {keyfile,"/etc/rabbitmq/ssl/key.pem"},

                {versions, ['tlsv1.2']},

                {verify,verify_peer},

                {fail_if_no_peer_cert,true}]}

]},

{rabbitmq_management, [{listener, [{port, 15672}]}]}

].

``

On Mon, Jun 11, 2018 at 2:25 PM, Josh Pasqualetto joshua.pasqualetto@gmail.com wrote:

Hey Keeshia,

Can you authenticate to rabbitmq outside of sensu?

E.g. curl -i -u sensu:password http://localhost:15672/api/whoami

I remember rabbitmq having an access log or perhaps you have to up the debug level. At any rate we need to deduce if it’s an auth problem with rabbitmq or a configuration/permissions issue.

Try to auth to rabbitmq outside sensu and go from there.

Thanks,

Josh

On Jun 10, 2018, at 10:30 PM, Keeshia San Pascual sanpascual.keeshia@gmail.com wrote:

Sorry, this was the commands I used:

rabbitmqctl add_user sensu changeme

rabbitmqctl set_user_tags sensu administrator

rabbitmqctl set_permissions -p /sensu sensu “." ".” “.*”

On Mon, Jun 11, 2018 at 12:27 PM, Keeshia San Pascual sanpascual.keeshia@gmail.com wrote:

Hi Josh,

Thanks for your response! I have already tried changing the admin password and also creating a new user but the issue persists.

rabbitmqctl add_user sensu changeme rabbitmqctl set_user_tags sensu administrator rabbitmqctl set_permissions -p /sensu sensu ".*" ".*" ".*"


I don't see any warning or error message when I tail rabbitmq logs:

[root@xxlocalhost rabbitmq]# tail -f rabbit@localhost.log

Statistics database started.

=INFO REPORT==== 11-Jun-2018::06:21:01 ===

Server startup complete; 6 plugins started.

• rabbitmq_management

• rabbitmq_management_agent

• rabbitmq_web_dispatch

• cowboy

• amqp_client

• cowlib

I kept on seeing the credential issue on Sensu Enterprise and Sensu client logs.

Regards,

Kaye

On Mon, Jun 11, 2018 at 12:17 AM, Josh Pasqualetto joshua.pasqualetto@gmail.com wrote:

Hey Kaye,

Try resetting the password to the admin user, maybe the password isn’t what you think it is.

rabbitmqctl change_password admin New-Password

If that doesn’t work tail the rabbitmq logs and look for any issues. And debug just as you would an authentication issue outside of sensu.

Thanks,

Josh

On Jun 10, 2018, at 9:27 AM, Kaye sanpascual.keeshia@gmail.com wrote:

Hi All,

We are currently deploying Sensu into Production. We have RabbitMQ version 3.6.15 and Erlang 20.3.6 in our server -running CentOS.

Configurations are supposed to be correct as the same configurations run Sensu smoothly on our Development Environment - Ubuntu Server. We have looked for different solutions online but there aren’t enough resources available. We have also tried to upgrade the versions of RabbitMQ and Erlang to latest but it did not resolve the issue. Hoping you could provide suggestions. Thanks!

There are no error displayed when we tail the rabbitmq log but sensu-enterprise.log shows an error message related to amqp credentials

{“timestamp”:“2018-06-10T16:39:15.989000+0200”,“level”:“warn”,“message”:“transport connection error”,“reason”:“possible authentication failure. wrong credentials?”,“user”:“admin”}

/etc/sensu/conf.d/rabbitmq.json

{

“rabbitmq”: {

"host": "xxx@localhost",

"port": 5671,

"user": "admin",

"password": "admin",

"vhost": "/sensu",

"ssl": {

"cert_chain_file": "/etc/sensu/ssl/cert.pem",

"private_key_file": "/etc/sensu/ssl/key.pem"}

}

}

``

/etc/rabbitmq/rabbitmq.config

[{rabbit, [

 {ssl_listeners, [5671]},

 {ssl_options, [{cacertfile,"/etc/rabbitmq/ssl/cacert.pem"},

                {certfile,"/etc/rabbitmq/ssl/cert.pem"},

                {keyfile,"/etc/rabbitmq/ssl/key.pem"},

                {versions, ['tlsv1.2']},

                {verify,verify_peer},

                {fail_if_no_peer_cert,true}]}

]},

{rabbitmq_management, [{listener, [{port, 15672}]}]}

].

``

On Mon, Jun 11, 2018 at 2:25 PM, Josh Pasqualetto joshua.pasqualetto@gmail.com wrote:

Hey Keeshia,

Can you authenticate to rabbitmq outside of sensu?

E.g. curl -i -u sensu:password http://localhost:15672/api/whoami

I remember rabbitmq having an access log or perhaps you have to up the debug level. At any rate we need to deduce if it’s an auth problem with rabbitmq or a configuration/permissions issue.

Try to auth to rabbitmq outside sensu and go from there.

Thanks,

Josh

On Jun 10, 2018, at 10:30 PM, Keeshia San Pascual sanpascual.keeshia@gmail.com wrote:

Sorry, this was the commands I used:

rabbitmqctl add_user sensu changeme

rabbitmqctl set_user_tags sensu administrator

rabbitmqctl set_permissions -p /sensu sensu “." ".” “.*”

On Mon, Jun 11, 2018 at 12:27 PM, Keeshia San Pascual sanpascual.keeshia@gmail.com wrote:

Hi Josh,

Thanks for your response! I have already tried changing the admin password and also creating a new user but the issue persists.

rabbitmqctl add_user sensu changeme rabbitmqctl set_user_tags sensu administrator rabbitmqctl set_permissions -p /sensu sensu ".*" ".*" ".*"


I don't see any warning or error message when I tail rabbitmq logs:

[root@xxlocalhost rabbitmq]# tail -f rabbit@localhost.log

Statistics database started.

=INFO REPORT==== 11-Jun-2018::06:21:01 ===

Server startup complete; 6 plugins started.

• rabbitmq_management

• rabbitmq_management_agent

• rabbitmq_web_dispatch

• cowboy

• amqp_client

• cowlib

I kept on seeing the credential issue on Sensu Enterprise and Sensu client logs.

Regards,

Kaye

On Mon, Jun 11, 2018 at 12:17 AM, Josh Pasqualetto joshua.pasqualetto@gmail.com wrote:

Hey Kaye,

Try resetting the password to the admin user, maybe the password isn’t what you think it is.

rabbitmqctl change_password admin New-Password

If that doesn’t work tail the rabbitmq logs and look for any issues. And debug just as you would an authentication issue outside of sensu.

Thanks,

Josh

On Jun 10, 2018, at 9:27 AM, Kaye sanpascual.keeshia@gmail.com wrote:

Hi All,

We are currently deploying Sensu into Production. We have RabbitMQ version 3.6.15 and Erlang 20.3.6 in our server -running CentOS.

Configurations are supposed to be correct as the same configurations run Sensu smoothly on our Development Environment - Ubuntu Server. We have looked for different solutions online but there aren’t enough resources available. We have also tried to upgrade the versions of RabbitMQ and Erlang to latest but it did not resolve the issue. Hoping you could provide suggestions. Thanks!

There are no error displayed when we tail the rabbitmq log but sensu-enterprise.log shows an error message related to amqp credentials

{“timestamp”:“2018-06-10T16:39:15.989000+0200”,“level”:“warn”,“message”:“transport connection error”,“reason”:“possible authentication failure. wrong credentials?”,“user”:“admin”}

/etc/sensu/conf.d/rabbitmq.json

{

“rabbitmq”: {

"host": "xxx@localhost",

"port": 5671,

"user": "admin",

"password": "admin",

"vhost": "/sensu",

"ssl": {

"cert_chain_file": "/etc/sensu/ssl/cert.pem",

"private_key_file": "/etc/sensu/ssl/key.pem"}

}

}

``

/etc/rabbitmq/rabbitmq.config

[{rabbit, [

 {ssl_listeners, [5671]},

 {ssl_options, [{cacertfile,"/etc/rabbitmq/ssl/cacert.pem"},

                {certfile,"/etc/rabbitmq/ssl/cert.pem"},

                {keyfile,"/etc/rabbitmq/ssl/key.pem"},

                {versions, ['tlsv1.2']},

                {verify,verify_peer},

                {fail_if_no_peer_cert,true}]}

]},

{rabbitmq_management, [{listener, [{port, 15672}]}]}

].

``