Category Archives: Windows

AMQP with mTLS with AMQPNETLite

Every now and then you are thrown into projects were you might not be the perfect pick from start. I seldom work with .NET and this project was just that 🙂 I was asked to create a small .NET proof-of-concept application in C# that fetches messages from a AMQP broker using mTLS authentication. I post the solution so it might benefit someone else (did not find much about this on Google)
Here is the result:

using Amqp;
using Amqp.Sasl;
using Microsoft.Extensions.Logging;


namespace DotNETApps
{
    class Program
    {
        static async Task Main(string[] args)
        {
            using var loggerFactory = LoggerFactory.Create(builder =>
            {
                builder
                    .AddConsole()
                    .SetMinimumLevel(LogLevel.Debug);
            });

            ILogger logger = loggerFactory.CreateLogger<Program>();

            logger.LogInformation("Application started.");

            Address address = new Address("amqps://mydomain:5671");

            var factory = new ConnectionFactory();
            factory.SSL.ClientCertificates.Add(new 
                  System.Security.Cryptography.X509Certificates
                         .X509Certificate2("c:\\myclientcert.pfx", "secret"));

            factory.SASL.Profile = SaslProfile.Anonymous;

            try {
                logger.LogInformation("Connecting to broker...");
                Connection connection = await factory.CreateAsync(address);
                logger.LogInformation("Connected to broker.");

                Session session = new Session(connection);
                ReceiverLink receiver = 
                         new ReceiverLink(session, "receiver-link", "MYQUEU");

                Console.WriteLine("Receiver connected to broker.");

                Message message = await Task.Run(() => 
                          receiver.Receive(TimeSpan.FromMilliseconds(2000)));

                if (message == null)
                {
                    Console.WriteLine("No message received.");
                    receiver.Close();
                    session.Close();
                    connection.Close();
                    return;
                }

                Console.WriteLine("Received " + message.Body);
                receiver.Accept(message);

                receiver.Close();
                session.Close();
                connection.Close();
            }
            catch (Exception e)
            {
                logger.LogError(e, "An error while processing messages.");
            }

            logger.LogInformation("Application ended.");
        }
    }
}

Tested on Windows 10, AMQPNETLite v2.4.11, .NET 8.0 and Visual Studio Code 1.97.0

Setting up remote administration with MQ Explorer on MQSeries 5.3

This is what needs to be done on the SERVER that is going to be administrated:

  • Create a new channel with CHLTYPE(SVRCONN), TRPTYPE(TCP) and MCAUSER(‘mqm’) (eg. define channel(SERVER.CONNECTION) CHLTYPE(SVRCONN) TRPTYPE(TCP) MCAUSER(‘mqm’) in runmqsc)
  • Create a new model called SYSTEM.MQEXPLORER.REPLY.MODEL (eg. define qmodel(SYSTEM.MQEXPLORER.REPLY.MODEL) in runmqsc)
  • Now start the command server: strmqcsv <QManager>

Now we are going to setup the CLIENT MQ Explorer

  1. Right click “Queue Managers” and choose “Show/Hide Queue Managers”
    Show/Hide Queue Managers
  2. Click “Add”
    Add button
  3. Queue Manager name is the name of the QManager of the server you want to administrate
    Queue Manager NamePress “Next”
  4. Now enter the Host name/IP address, Port and the Server connection channel you defined on the server
    Connection detailsNow press “Finished”
  5. If everything is correct MQ Explorer will now connect to the QManager

If the connection fails be sure to check firewall settings so that you are allowed to connect to the server on the desired port (port 1414 in this example)

Setting up a SSH tunnel using Putty

Every now and then I get stuck on a windows machine and since one bad never comes alone I also have to deal with a firewall configured by an former NSA employee 🙂 In these situations I just love Putty and its ability to create tunnels. Here is a small example of how:

I am on my local machine (127.0.0.1) and I need to use port 1414 on computer 10.10.10.2. My local machine is not allowed to connect to 10.10.10.2 directly (due to firewall rules) but it is allowed to connect to 10.10.10.1. 10.10.10.1 is allowed to connect to 10.10.10.2. Here is a simple schematic of the situation:

My local machine:1414 -> 10.10.10.1 -> 10.10.10.2:1414

Here is one way to set it up in Putty

  1. First we input the address and port to 10.10.10.1 (the “middle” machine)
    Putty session configuration
  2. Then we setup the tunnel (SSH->Tunnels) and press “Add”
    Putty tunnels configuration
    The Source port is the port on my local machine. The Destination is the remote computer we want to connect to (10.10.10.2)
  3. Now we press “Open” and enter our credentials. Done!