Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 0AF10200B59 for ; Mon, 8 Aug 2016 22:54:30 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 09713160A91; Mon, 8 Aug 2016 20:54:30 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 4E202160A77 for ; Mon, 8 Aug 2016 22:54:29 +0200 (CEST) Received: (qmail 13314 invoked by uid 500); 8 Aug 2016 20:54:28 -0000 Mailing-List: contact users-help@qpid.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@qpid.apache.org Delivered-To: mailing list users@qpid.apache.org Received: (qmail 13303 invoked by uid 99); 8 Aug 2016 20:54:28 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 08 Aug 2016 20:54:28 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id CACCB1A5C69 for ; Mon, 8 Aug 2016 20:54:27 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -6.428 X-Spam-Level: X-Spam-Status: No, score=-6.428 tagged_above=-999 required=6.31 tests=[RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-1.426, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=disabled Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024) with ESMTP id Ho5LCYiVuqRR for ; Mon, 8 Aug 2016 20:54:25 +0000 (UTC) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTPS id 33F535F3A0 for ; Mon, 8 Aug 2016 20:54:25 +0000 (UTC) Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 0C0053919A9 for ; Mon, 8 Aug 2016 20:54:24 +0000 (UTC) Received: from localhost.localdomain (ovpn-116-100.phx2.redhat.com [10.3.116.100]) by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id u78KsN71013068 for ; Mon, 8 Aug 2016 16:54:23 -0400 Subject: Re: qpid-proton 0.12.2 python broker and SSL To: users@qpid.apache.org References: <1470674257224-7648886.post@n2.nabble.com> From: Gordon Sim Organization: Red Hat UK Ltd, Registered in England and Wales under Company Registration No. 3798903, Directors: Michael Cunningham, Michael O'Neill, Eric Shander Message-ID: <712e12bb-c77a-8151-d9f2-5add2666c9a6@redhat.com> Date: Mon, 8 Aug 2016 21:54:22 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.1.1 MIME-Version: 1.0 In-Reply-To: <1470674257224-7648886.post@n2.nabble.com> Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit X-Scanned-By: MIMEDefang 2.68 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.29]); Mon, 08 Aug 2016 20:54:24 +0000 (UTC) archived-at: Mon, 08 Aug 2016 20:54:30 -0000 On 08/08/16 17:37, Tobias Duckworth wrote: > Hi, > > Quick question: > > Is it straightforward to run a python broker that can accept amqps (SSL/TLS) > connections in qpid-proton 0.12.2? > > I've tried with the broker.py example, but get the following client side > error on trying to connect to it: > > connection open: error: gnutls_handshake() failed: A TLS packet with > unexpected length was received. in amqp.openconnection(url) > > The specific error is probably coming from libcurl, which is handling the > socket and SSL/TLS, but I think the implication is that the python example > broker.py does not support secure connections out of the box? You can specify amqp as the scheme for the --address options, e.g. --address amqps://0.0.0.0:5671 However to actually set up a certificate with which to authenticate itself to clients, the example would require some modification. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@qpid.apache.org For additional commands, e-mail: users-help@qpid.apache.org