activemq-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Timothy Bish <tabish...@gmail.com>
Subject Re: setting up c++ client app using CMS using SSL client certificate auth
Date Thu, 14 Mar 2013 15:49:51 GMT
On 03/13/2013 08:15 PM, mikmela wrote:
> I'm having problem setting client app using ActiveMQ CMS with enabled client
> certificate auth.
> Someone already asked similar question
> http://activemq.2283324.n4.nabble.com/SSL-with-ActiveMQ-cpp-td4499106.html.
>
> I'm doing the following:
>     activemq::library::ActiveMQCPP::initializeLibrary();
>     decaf::lang::System::setProperty( "decaf.net.ssl.trustStore",
> pathToClientTrustStoreInPemFormat);
>     decaf::lang::System::setProperty( "decaf.net.ssl.keyStore",
> pathToClienteyStoreInPemFormat);
>     decaf::lang::System::setProperty("decaf.net.ssl.keyStorePassword",
> clientKeyStorePassword);
>
> Is all this needed for client to provide client certificate during ssl hand
> shake?
> Before I was setting  only one property below and it worked without clien
> auth enabled on the broker uri
> decaf::lang::System::setProperty( "decaf.net.ssl.trustStore",
> pathToClientTrustStoreInPemFormat);
>
>
> My broker  has the following failover URI:
> broker:(ssl://dev1467:61616?*needClientAuth=true*,vm://dev1467:61616)/dbridge49cpdora1dev146761616?useJmx=true&persistent=true&populateJMSXUserID=true&useShutdownHook=false&deleteAllMessagesOnStartup=false&enableStatistics=true
>
> The error I'm getting:
> error:0906D06C:PEM routines:PEM_read_bio:no start line
> error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib
>
>
Sounds like there's an issue with the format of the PEM file. Perhaps 
you should look into regenerating that file.

-- 
Tim Bish
Sr Software Engineer | RedHat Inc.
tim.bish@redhat.com | www.fusesource.com | www.redhat.com
skype: tabish121 | twitter: @tabish121
blog: http://timbish.blogspot.com/


Mime
View raw message