qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Graham Leggett <minf...@sharp.fm>
Subject qpid startup: error Failed to initialise SSL plugin: Failed to load certificate 'Server-Cert'
Date Wed, 09 Oct 2013 13:27:51 GMT
Hi all,

I am trying to configure an SSL enabled version of the qpid-cpp broker, and I am struggling
to get it to work. The broker starts and runs as follows:

qpidd    17764  0.3  2.3 239728 11692 ?        Ssl  13:15   0:00 /usr/sbin/qpidd --data-dir
/var/lib/qpidd --daemon --ssl-cert-db sql:/etc/pki/nssdb --ssl-cert-name Server-Cert --ssl-port
5672 --ssl-require-client-authentication --ssl-sasl-no-dict

The logfile complains as follows:

Oct  9 13:15:29 localhost qpidd[17764]: 2013-10-09 13:15:29 error Failed to initialise SSL
plugin: Failed to load certificate 'Server-Cert' (qpid/sys/ssl/SslSocket.cpp:184)
Oct  9 13:15:29 localhost qpidd[17764]: 2013-10-09 13:15:29 notice Broker running

Unfortunately the error "Failed to load certificate 'Server-Cert'" is incomplete as it refuses
to reveal why it failed to load the server-cert, leaving me stuck.

The NSS database at sql:/etc/pki/nssdb contains the server certificate, the CA certificate,
and the full intermediate chain, and the CA cert is trusted:

-bash-4.1$ certutil -L -d sql:/etc/pki/nssdb 

Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

"Server-Cert"                                                u,u,u
[snip]   ,,   
[snip]        ,,   
CA-Cert                                                      CT,, 

Anyone have any ideas?

Regards,
Graham
--


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
For additional commands, e-mail: users-help@qpid.apache.org


Mime
View raw message