1. 首页
  2. 问答
  3. 连接到AWS上的Windows Server Service Bus

连接到AWS上的Windows Server Service Bus

2012-09-17 56 views
3

我正在使用新的Windows Server Service Bus 1.0 Beta开始使用新项目。我正尝试在AWS EC2虚拟机上设置测试环境。连接到AWS上的Windows Server Service Bus

我在AWS EC2上运行的Windows Server 2008 R2实例上安装了服务总线,并根据MSDN文档中的示例设置了新的服务器场,容器和主机。我已经在服务器上打开了所有正确的端口(4443和9354)。我也按照[本页] [1]中的说明将自己生成的证书导出到我的客户机器上。

我有一个非常简单的C#程序,它创建队列,排队消息并接收它。当我将可执行文件复制到VM并在那里运行时,该程序正常工作,所以我相信我正确使用了API。但是,当我从本地开发框指向AWS服务器运行程序时,我遇到了安全异常。

我的代码如下所示: 

var servername = "X.X.X.X"; // <-- An IP Address, not FQDN 
var sbNamespace = "MyNamespace"; 
var httpPort = 4446; 
var tcpPort = 9354; 

//create SB uris 
var rootAddressManagement = ServiceBusEnvironment.CreatePathBasedServiceUri("sb", sbNamespace, string.Format("{0}:{1}", servername, httpPort)); 
var rootAddressRuntime = ServiceBusEnvironment.CreatePathBasedServiceUri("sb", sbNamespace, string.Format("{0}:{1}", servername, tcpPort)); 

var tokenProvider = TokenProvider.CreateWindowsTokenProvider(new List<Uri>() { rootAddressManagement }); 
var namespaceManager = new NamespaceManager(rootAddressManagement, 
    new NamespaceManagerSettings() 
    { 
     TokenProvider = tokenProvider 
    }); 
var factory = MessagingFactory.Create(rootAddressRuntime, 
    new MessagingFactorySettings() 
    { 
     TokenProvider = tokenProvider, 
     //OperationTimeout = TimeSpan.FromMinutes(30) 
    }); 

if (!namespaceManager.QueueExists("OrderQueue")) <-- EXCEPTION OCCURRS HERE 
{ 
    // Code to create a queue that is never reached. 
}

我的异常跟踪看起来是这样的:

[Microsoft.ServiceBus.Messaging.ServiceBusResourceOperations+GetAsyncResult`1[[Microsoft.ServiceBus.Messaging.QueueDescription, Microsoft.ServiceBus, Version=1.6.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35]]] IteratorAsyncResult failed to move to the next step due to an exception; System.UnauthorizedAccessException: The token provider was unable to provide a security token while accessing 'https://107.23.15.5:4446/APIHealthcare/$STS/Windows/'. Token provider returned message: 'The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.'. ---> System.IdentityModel.Tokens.SecurityTokenException: The token provider was unable to provide a security token while accessing 'https://107.23.15.5:4446/APIHealthcare/$STS/Windows/'. Token provider returned message: 'The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.'. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure. 
    at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception) 
    at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) 
    at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) 
    at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) 
    at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) 
    at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result) 
    at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size) 
    at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size) 
    at System.Net.ConnectStream.WriteHeaders(Boolean async) 
    --- End of inner exception stack trace --- 
    at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context) 
    at System.Net.HttpWebRequest.GetRequestStream() 
    at Microsoft.ServiceBus.TokenProviderHelper.GetWindowsAccessTokenCore(IEnumerator`1 stsUris, Func`2 uriBuilder, String requestToken, TimeSpan timeout, DateTime& expiresIn) 
    --- End of inner exception stack trace --- 
    at Microsoft.ServiceBus.TokenProviderHelper.ThrowException(Uri requestUri, WebException exception) 
    at Microsoft.ServiceBus.TokenProviderHelper.GetWindowsAccessTokenCore(IEnumerator`1 stsUris, Func`2 uriBuilder, String requestToken, TimeSpan timeout, DateTime& expiresIn) 
    at Microsoft.ServiceBus.WindowsTokenProvider.OnBeginGetWebToken(String appliesTo, String action, TimeSpan timeout, AsyncCallback callback, Object state) 
    at Microsoft.ServiceBus.TokenProvider.GetWebTokenAsyncResult..ctor(TokenProvider tokenProvider, String appliesTo, String action, Boolean bypassCache, TimeSpan timeout, AsyncCallback callback, Object state) 
    at Microsoft.ServiceBus.TokenProvider.BeginGetWebToken(String appliesTo, String action, Boolean bypassCache, TimeSpan timeout, AsyncCallback callback, Object state) 
    at Microsoft.ServiceBus.TokenProviderUtility.GetMessagingWebToken(ITokenProvider tokenProvider, String appliesTo, String action, Boolean bypassCache, TimeSpan timeout) 
    --- End of inner exception stack trace --- 
    at Microsoft.ServiceBus.TokenProviderUtility.GetMessagingWebToken(ITokenProvider tokenProvider, String appliesTo, String action, Boolean bypassCache, TimeSpan timeout) 
    at Microsoft.ServiceBus.Messaging.HttpWebRequestExtensions.AddAuthorizationHeader(HttpWebRequest request, ITokenProvider tokenProvider, Uri baseAddress, String action) 
    at Microsoft.ServiceBus.Messaging.ServiceBusResourceOperations.GetAsyncResult`1.<GetAsyncSteps>d__c.MoveNext() 
    at Microsoft.ServiceBus.Messaging.IteratorAsyncResult`1.MoveNextStep() 
A first chance exception of type 'System.UnauthorizedAccessException' occurred in Microsoft.ServiceBus.dll 
System.UnauthorizedAccessException: The token provider was unable to provide a security token while accessing 'https://107.23.15.5:4446/APIHealthcare/$STS/Windows/'. Token provider returned message: 'The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.'. ---> System.IdentityModel.Tokens.SecurityTokenException: The token provider was unable to provide a security token while accessing 'https://107.23.15.5:4446/APIHealthcare/$STS/Windows/'. Token provider returned message: 'The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.'. ---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure. 
    at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception) 
    at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) 
    at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) 
    at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) 
    at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) 
    at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) 
    at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result) 
    at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size) 
    at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size) 
    at System.Net.ConnectStream.WriteHeaders(Boolean async) 
    --- End of inner exception stack trace --- 
    at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context) 
    at System.Net.HttpWebRequest.GetRequestStream() 
    at Microsoft.ServiceBus.TokenProviderHelper.GetWindowsAccessTokenCore(IEnumerator`1 stsUris, Func`2 uriBuilder, String requestToken, TimeSpan timeout, DateTime& expiresIn) 
    --- End of inner exception stack trace --- 
    at Microsoft.ServiceBus.TokenProviderHelper.ThrowException(Uri requestUri, WebException exception) 
    at Microsoft.ServiceBus.TokenProviderHelper.GetWindowsAccessTokenCore(IEnumerator`1 stsUris, Func`2 uriBuilder, String requestToken, TimeSpan timeout, DateTime& expiresIn) 
    at Microsoft.ServiceBus.WindowsTokenProvider.OnBeginGetWebToken(String appliesTo, String action, TimeSpan timeout, AsyncCallback callback, Object state) 
    at Microsoft.ServiceBus.TokenProvider.GetWebTokenAsyncResult..ctor(TokenProvider tokenProvider, String appliesTo, String action, Boolean bypassCache, TimeSpan timeout, AsyncCallback callback, Object state) 
    at Microsoft.ServiceBus.TokenProvider.BeginGetWebToken(String appliesTo, String action, Boolean bypassCache, TimeSpan timeout, AsyncCallback callback, Object state) 
    at Microsoft.ServiceBus.TokenProviderUtility.GetMessagingWebToken(ITokenProvider tokenProvider, String appliesTo, String action, Boolean bypassCache, TimeSpan timeout) 
    --- End of inner exception stack trace --- 

Server stack trace: 
    at Microsoft.ServiceBus.TokenProviderUtility.GetMessagingWebToken(ITokenProvider tokenProvider, String appliesTo, String action, Boolean bypassCache, TimeSpan timeout) 
    at Microsoft.ServiceBus.Messaging.HttpWebRequestExtensions.AddAuthorizationHeader(HttpWebRequest request, ITokenProvider tokenProvider, Uri baseAddress, String action) 
    at Microsoft.ServiceBus.Messaging.ServiceBusResourceOperations.GetAsyncResult`1.<GetAsyncSteps>d__c.MoveNext() 
    at Microsoft.ServiceBus.Messaging.IteratorAsyncResult`1.MoveNextStep() 
    at Microsoft.ServiceBus.Messaging.IteratorAsyncResult`1.EnumerateSteps(CurrentThreadType state) 
    at Microsoft.ServiceBus.Messaging.IteratorAsyncResult`1.Start() 

Exception rethrown at [0]: 
    at Microsoft.ServiceBus.Common.AsyncResult.End[TAsyncResult](IAsyncResult result) 
    at Microsoft.ServiceBus.Messaging.IteratorAsyncResult`1.End(IAsyncResult asyncResult) 
    at Microsoft.ServiceBus.Messaging.ServiceBusResourceOperations.EndGet[TEntityDescription](IAsyncResult asyncResult) 
    at Microsoft.ServiceBus.NamespaceManager.OnEndQueueExists(IAsyncResult result) 
    at Microsoft.ServiceBus.NamespaceManager.EndQueueExists(IAsyncResult result) 
    at Microsoft.ServiceBus.NamespaceManager.QueueExists(String path) 
    at ServiceBusSandbox.ServiceBusSampleApp.CreateAQueue(NamespaceManager namespaceManager) in c:\Users\cent049\Documents\Visual Studio 2012\Projects\ServiceBusSandbox\ServiceBusSandbox\ServiceBusSampleApp.cs:line 15 
    at ServiceBusSandbox.ServiceBusSampleApp.Main(String[] args) in c:\Users\cent049\DocumentThe thread 'vshost.RunParkingWindow' (0x2608) has exited with code 0 (0x0).

我有一种预感,这个问题是,我使用的IP地址连接虚拟机,而不是FQDN,但是我不知道如何确认,也不知道如何为我的AWS服务器获取域名。服务器有一个机器名称,但只是在工作组“WORKGROUP”上,而不是在域上。

任何和所有的帮助将不胜感激。

来源

2012-09-17 johnmcase

回答

8

使用CreateOAuthTokenProvider而不是CreateWindowsTokenProvider。

  1. 首先,您需要在机器上创建一个帐户:rootAddressManagement。
  2. 将新创建的帐户添加为名称空间的管理用户。 Set-SBNamespace -Name“YourNamespace” - 管理您的用户
  3. 由于您使用的是IP地址,请在对SB进行任何调用之前添加证书验证码。 ServicePointManager.ServerCertificateValidationCallback = new RemoteCertificateValidationCallback((s,cert,chain,ssl)=> {return true;});第三,使用TokenProvider.CreateOAuthTokenProvider(new List(){rootAddressManagement},new NetworkCredential(“YouUser”,“YouPassword”));第二步,使用TokenProvider.CreateOAuthTokenProvider

注:不指定机器名作为YourUser

来源

2012-09-18 16:33:38

+1

这让我更进一步。我的应用程序确实连接并创建了队列,但尝试将消息放入队列时失败。我现在得到的消息是: System.IdentityModel.Tokens.SecurityTokenValidationException:X.509证书CN = ** MACHINE_NAME **不在受信任的人员存储区中。 X.509证书CN = ** MACHINE_NAME **连锁建筑失败。使用的证书具有无法验证的信任链。替换证书或更改certificateValidationMode。撤销功能无法检查证书的撤销。 – johnmcase

+1

我尝试将rootAddressRuntime添加到传递给CreateOAuthTokenProvider的List中,但没有运气,错误也是一样。 – johnmcase

0

是的,你的预感是正确的一部分。您遇到此问题是因为服务器使用的证书颁发给机器的FQDN,并且使用IP会导致证书名称不匹配。

短期,您可以解决此通过使用CertificateValidation回调忽略错误: http://msdn.microsoft.com/en-us/library/system.net.servicepointmanager.servercertificatevalidationcallback.aspx

从长远来看,你可能要检查如何让虚拟机的面向外部的名称,并使用与此相符的证书。

来源

2012-09-18 16:36:22

0

我陷入了同样的错误。我遵循了第二篇文章中描述的步骤。但最终以 结束“这让我更进了一步。我的应用程序确实连接并创建了队列,但尝试将消息放入队列时失败。我现在得到的消息是:System.IdentityModel.Tokens.SecurityTokenValidationException:X.509证书CN = MACHINE_NAME不在受信任的人员存储区中。 X.509证书CN = MACHINE_NAME连锁建筑失败。使用的证书具有无法验证的信任链。替换证书或更改certificateValidationMode。吊销功能无法检查吊销证书“。

来源

2012-10-15 23:23:03 Mahesh

+0

我在本地客户端机器上安装由服务总线生成的证书,并成功连接到该服务。但是,当我尝试发送消息卡住在同一问题上,我怀疑这是由于防火墙问题 – Mahesh

2

我得到了一个坏消息和一个好消息。 坏消息头被埋使用microsoft.servicebus.dll方法发送消息。 对于我来说,我不能使用Microsoft windows.servicebus.dll连接窗口服务总线。当我tryed送我被困在SendMessage函数操作并且不可能继续超越该点的消息。 我怀疑的问题是 Publish to Azure Service Bus over http behind proxy 是在当前版本中的一个错误。

好消息是我设法使用rest API来完成所有的服务总线操作。

首先是使用microsft提供的以下代码示例获取身份验证令牌。

http://msdn.microsoft.com/en-us/library/windowsazure/jj193003%28v=azure.10%29.aspx

一旦u得到操作的令牌休息(创建阙,发送邮件,recive消息)是相同的Windows Azure服务总线。请参阅有关服务总线操作的Microsoft文档的详细信息。

http://msdn.microsoft.com/en-us/library/windowsazure/hh690927.aspx 希望这对您有所帮助。 谢谢。

来源

2012-10-17 22:56:00 Mahesh

相关问题

 相关问题