qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gordon Sim <g...@redhat.com>
Subject Re: ssl.so and sslconnector.so not available in ../src/.libs/
Date Mon, 01 Jun 2009 12:17:31 GMT
ft420 wrote:
> hi,
> Sorry for the delay in reply.
> 
> Could you please be more explainatory regarding what exactly has to be
> checked?

Check what certs you have in the database:

certutil -L -d /root/cert_db

Specifically do you have one named 'hostname' or are you using that as 
shorthand for the real hostname of your machine? If so check the CN set 
on the certificate:

certutil -L -d /root/cert_db -n hostname

The value specified for CN (usually the fully qualified name of the 
machine qpidd is running on) needs to be used when you connect (and for 
the declare_queues example program should be passed in on the command line).

> I am new to ssl concept so i donot know much about it. i did whatever was
> mentioned in SSL text file availble in qpid installable folder for C++.
> 
> Awaiting your response
> Thanks
> 
> 
> Gordon Sim wrote:
>> ft420 wrote:
>>> ./qpidd --auth no --port 5004 --ssl-port 5005 --ssl-cert-db /root/cert_db
>>> --ssl-cert-password-file cert_password --ssl-cert-name hostname
>>> broker starts listening on port 5005 for ssl connections and listening on
>>> TCP port 5004.
>>>
>>> now for client connection 
>>>
>>> we are executing following steps 
>>> export QPID_SSL_CERT_DB=/root/cert_db
>>> ./declare_queues hostname 5005 hangs execution and on closing this error
>>> displayed on broker's console is 
>>> could not accept socket:Failed: Unknown NSS error code. [-5938]
>>> (qpid/sys/ssl/SslSocket.cpp:123)
>>>
>>> Now where am i going wrong??
>> If your cert for 'hostname'? if not you should specify the fully 
>> qualified name to declare_queues (as specified in the cert).
>>
>> Other possibilities: is the cert_db readable by the client? does it have 
>> a password?
>>
>> ---------------------------------------------------------------------
>> Apache Qpid - AMQP Messaging Implementation
>> Project:      http://qpid.apache.org
>> Use/Interact: mailto:users-subscribe@qpid.apache.org
>>
>>
>>
> 


---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org


Mime
View raw message