qpid-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adel Boutros <adelbout...@live.com>
Subject RE: [qpid-dispatch 0.6.0] Unable to set "sslProfileName" when creating a connector using qdmanage
Date Wed, 13 Jul 2016 14:12:16 GMT
Unfortunately, my connector has to be created on the fly using qdmanage. 

Do you confirm then the only way to do this is to specify individually "certFile", "keyFile"
and "certDb"? (This is how I got it to work)

Regards,
Adel

> Date: Wed, 13 Jul 2016 09:58:35 -0400
> From: gmurthy@redhat.com
> To: users@qpid.apache.org
> Subject: Re: [qpid-dispatch 0.6.0] Unable to set "sslProfileName" when creating a connector
using qdmanage
> 
> 
> 
> ----- Original Message -----
> > From: "Adel Boutros" <adelboutros@live.com>
> > To: users@qpid.apache.org
> > Sent: Wednesday, July 13, 2016 9:46:36 AM
> > Subject: RE: [qpid-dispatch 0.6.0] Unable to set "sslProfileName" when creating
a connector using qdmanage
> > 
> > Hello Ganesh,
> > 
> > Can you please give an example of how I can use the "name" attribute of the
> > sslProfile instead of "sslProfileName"?
> > 
> > Here is the sslProfile defined in the conf file:
> > 
> > sslProfile {
> >     name: ssl-full-broker-profile
> >     certFile: cert_lx_client.pem
> >     keyFile: key_lx_client.pem
> >     certDb: ca-chain.cert.pem
> > }
> 
> You can reference the name of your sslProfile (ssl-full-broker-profile) from your listener
like this example - 
> 
> listener  {
>     sslProfile: ssl-full-broker-profile
>     authenticatePeer: yes
>     saslMechanisms: EXTERNAL
>     role: normal
>     addr: 127.0.0.1
>     port: amqp
> }
> 
> You can also reference an appropriate sslProfile from a connector.
> 
> Thanks.
> 
> > 
> > Regards,
> > Adel
> > 
> > > Date: Wed, 13 Jul 2016 09:24:11 -0400
> > > From: gmurthy@redhat.com
> > > To: users@qpid.apache.org
> > > Subject: Re: [qpid-dispatch 0.6.0] Unable to set "sslProfileName" when
> > > creating a connector using qdmanage
> > > 
> > > Take a look at at
> > > https://github.com/apache/qpid-dispatch/blob/master/python/qpid_dispatch/management/qdrouter.json.
> > > 
> > > It says -
> > > 
> > > "sslProfileName": {
> > >     "type": "string",
> > >     "description": "The name of the ssl profile. This is for internal use
> > >     only. Use the 'name' attribute to assign a name to an sslProfile
> > >     section ",
> > >     "create": false
> > > }
> > > 
> > > As it says, the sslProfileName is for internal use only. You should use the
> > > name instead like here -
> > > 
> > > sslProfile {
> > >     name: my-ssl
> > >     certDb: ca-certificate-1.pem
> > >     certFile: server-certificate-1.pem
> > >     keyFile: server-private-key.pem
> > > }
> > > 
> > > All references to sslProfileName have been removed from this link -
> > > http://qpid.apache.org/releases/qpid-dispatch-master/qdrouterd.conf.5.html
> > > 
> > > Thanks.
> > > 
> > > ----- Original Message -----
> > > > From: "Adel Boutros" <adelboutros@live.com>
> > > > To: users@qpid.apache.org
> > > > Sent: Wednesday, July 13, 2016 9:17:15 AM
> > > > Subject: [qpid-dispatch 0.6.0] Unable to set "sslProfileName" when
> > > > creating a connector using qdmanage
> > > > 
> > > > Hello,
> > > > 
> > > > When I try to create a connector using qdmanage, I am unable to set
> > > > "sslProfileName" which is defined in the configuration file of the
> > > > dispatcher. I get the below error:
> > > > 
> > > > qdmanage create --type=connector role=route-container addr=localhost
> > > > port=10101 name=localhost.broker.10101.connector
> > > > sslProfileName=ssl-full-broker-profile
> > > > 
> > > > BadRequestStatus: Cannot set attribute 'sslProfileName' in CREATE
> > > > 
> > > > In the book, I couldn't find anything indicating that this attribute
> > > > cannot
> > > > be set when performing a CREATE operation
> > > > (https://qpid.apache.org/releases/qpid-dispatch-0.6.0/book/schema.html)
> > > > 
> > > > Regards,
> > > > Adel
> > > > 
> > > > 
> > > > 
> > > 
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
> > > For additional commands, e-mail: users-help@qpid.apache.org
> > > 
> > 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org
> For additional commands, e-mail: users-help@qpid.apache.org
> 
 		 	   		  
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message