All Products
Search

This Product

    ApsaraMQ for RabbitMQ:Causes and solutions for connection failures

    Document Center

    ApsaraMQ for RabbitMQ:Causes and solutions for connection failures

    Last Updated:Aug 21, 2025

    This topic describes the causes of connection failures in ApsaraMQ for RabbitMQ, and provides troubleshooting methods and solutions.

    Possible causes

    • Incorrect username or password: In ApsaraMQ for RabbitMQ, the username and password are the credentials for authentication when you establish a connection. You must create the username and password based on the authentication and permission model of the instance.

      • Open source authentication and permission management: Use a custom username and password.

      • Resource Access Management (RAM): Use a username and password generated from an Alibaba Cloud AccessKey pair.

    • Permission error: A connection fails if you do not have the required operation permissions on the instance. The required permissions are based on the instance's authentication and permission model.

      • Open source authentication and permission management: Check whether the custom user has the required permissions.

      • RAM: Check whether the user who owns the AccessKey pair used to generate the username and password has the required permissions.

    • Invalid endpoint: If you connect to an ApsaraMQ for RabbitMQ instance from the Alibaba Cloud internal network, specify the VPC endpoint. If you connect from an external network, such as a local development environment, specify the public endpoint.

    • Nonexistent ApsaraMQ for RabbitMQ resource: Before you establish a connection, make sure that your ApsaraMQ for RabbitMQ instance is running and that required resources, such as vhosts, are created in the console.

    Solutions

    1. Make sure that the username and password are generated correctly:

      • Open source authentication and permission management: For information about how to create a custom username and password, see Create a username and password.

      • RAM: For information about how to generate a username and password, see Create a static username and password. Do not use an AccessKey pair as the username and password to establish a connection to ApsaraMQ for RabbitMQ.

    2. Make sure that the required permissions are granted:

      • Open source authentication and permission management: For information about how to grant permissions to a custom user, see Permission management.

      • RAM: In most cases, you can follow the instructions in Step 1: (Optional) Grant permissions to a RAM user to configure overall permissions for the AMQP service, such as operation and read-only permissions. If you require more complex control policies, such as performing operations on resources in a specific vhost, see Custom policies for ApsaraMQ for RabbitMQ. If the permissions are complex, you can combine different policies to achieve your desired control policy.

    3. Make sure that the correct endpoint is specified:

      In the client environment, you can use tools such as ping and telnet to check the network connectivity to the endpoint. This helps prevent connection failures that are caused by network issues.

    4. Confirm that the connection request reached the server:

      Activate Simple Log Service for ApsaraMQ for RabbitMQ. For more information, see Log Management.

      After you activate Simple Log Service, you can check whether the server receives the operation requests for your instance.

      For example, if you frequently connect to an ApsaraMQ for RabbitMQ instance in a test environment but no corresponding logs are recorded, the connection requests have not reached the server. In this case, you must check the client logic and the network link.

    5. Troubleshoot the issue based on the error code:

      If the request has reached the server, you can troubleshoot the issue based on the return code in the log. For more information, see Error codes.

      Examples:

      1. If the return code is 403 and the error message is AccessDeniedByRamPolicy, check the RAM authorization.

      2. If the return code is 311 and the error message is MessageBodyLengthExceeded, check whether the message body size exceeds the limit.

      3. If the return code is 404 and the error message is ExchangeNotExist or QueueNotExist, check the resources. You can view the name of the nonexistent resource in the log, check whether the resource exists, or create the resource.

      4. If the return code is 530 and the error message is denied for too many requests, ExchangeNumExceeded, QueueNumExceeded, or VhostNumExceeded, check the throttling limits. Determine whether you need to upgrade the instance specifications or optimize how you use the instance.

      5. If the return code is 541, check the announcements. This return code is usually returned only when the server is being upgraded. If your business is affected, submit a ticket to contact Alibaba Cloud technical support.