qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Wesley Holevinski <Wes...@adaptiveapps.com>
Subject Federation over SSL not working (0.28)
Date Tue, 29 Jul 2014 14:52:45 GMT

All,

I'm attempting to get federation working over SSL and am getting the following error:

Failed: SSL peer cannot verify your certificate. [-12271] (/builddir/build/BUILD/qpid-0.28-rc2/cpp/src/qpid/sys/ssl/SslSocket.cpp:156)

I am already able to connect a C++ client, a java client, and a python client to the broker
via SSL so I'm fairly certain it doesn't have to do with any SSL setup.

It's my understanding that qpidd will spin up a client to pull messages from the src_broker
when creating a queue route with federation.  My assumption is that qpidd will use the /etc/qpid/qpidc.conf
file to pull the ssl settings; here are mine (NOTE: these match what's in the c++ client verbatim):

ssl-cert-name=QpidCppClient
ssl-cert-db=/tmp/qpidd_ssl/client_db
ssl-cert-password-file=/tmp/qpidd_ssl/client_db/client_db_passwd


Any ideas on where I'm going wrong?  Previously there was a bug where qpidd would try to use
the wrong cert db for this SSL client connection I believe, and qpidd would shutdown.  So
this is the farthest I've gotten down this path since I'm using 0.28 now.

Is there a way to tell if qpidc.conf is even being loaded by qpidd?

Thanks,
Wes Holevinski
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
For additional commands, e-mail: users-help@qpid.apache.org


Mime
View raw message