Hi All,
currently I am trying to connect to a third party AMQP broker using a
c++ client with qpid 0.28.
The broker is configured to use ssl. The client uses a self signed
certificate. This certificate is available in the broker.
I created the self signed certificate and added it into my certificate
db. I also added the third party broker certificate.
clientCertDb/Broker.crt
clientCertDb/Client.crt -t ",,"
Then I set the environment for the client:
export QPID_SSL_CERT_DB=./clientCertDb
export QPID_SSL_CERT_NAME=ClientCert
export QPID_SSL_CERT_PASSWORD_FILE=./pwfile
The client fails to connect to the server. The client library log says:
Driver started
Starting connection to amqp:ssl:<ipaddr>:<port>
Connecting to ssl:<ipaddr>:<port>
ssl:<ipaddr>:<port> Connecting ...
Connecting: <ipaddr>:<port>
Exception constructed: Failed: NSS error [-8179]
(qpid-0.28/qpid-0.28/cpp/src/qpid/sys/ssl/SslSocket.cpp:156)
Failed to connect: Failed: NSS error [-8179]
(qpid-0.28/qpid-0.28/cpp/src/qpid/sys/ssl/SslSocket.cpp:156)
Driver stopped
I do not get what is going wrong. As far as I understood I do not have
to give the c++ client any hint where to find the broker certificate.
Is this right?
Unfortunately the error message in the client log is not helpful for me.
I don't see any details what the problem is.
I tried to get more information using openssl s_client:
clientCertDb/Client.crt -debug -key Client.key -CApath clientCertDb/
It says:
Verify return code: 20 (unable to get local issuer certificate)
Does anyone of you know how to configure this or how I can get more
information?
Regards,
Andreas
Diese E-Mail ist frei von Viren und Malware, denn der avast! Antivirus Schutz ist aktiv.
http://www.avast.com
currently I am trying to connect to a third party AMQP broker using a
c++ client with qpid 0.28.
The broker is configured to use ssl. The client uses a self signed
certificate. This certificate is available in the broker.
I created the self signed certificate and added it into my certificate
db. I also added the third party broker certificate.
clientCertDb/Broker.crt
clientCertDb/Client.crt -t ",,"
Then I set the environment for the client:
export QPID_SSL_CERT_DB=./clientCertDb
export QPID_SSL_CERT_NAME=ClientCert
export QPID_SSL_CERT_PASSWORD_FILE=./pwfile
The client fails to connect to the server. The client library log says:
Driver started
Starting connection to amqp:ssl:<ipaddr>:<port>
Connecting to ssl:<ipaddr>:<port>
ssl:<ipaddr>:<port> Connecting ...
Connecting: <ipaddr>:<port>
Exception constructed: Failed: NSS error [-8179]
(qpid-0.28/qpid-0.28/cpp/src/qpid/sys/ssl/SslSocket.cpp:156)
Failed to connect: Failed: NSS error [-8179]
(qpid-0.28/qpid-0.28/cpp/src/qpid/sys/ssl/SslSocket.cpp:156)
Driver stopped
I do not get what is going wrong. As far as I understood I do not have
to give the c++ client any hint where to find the broker certificate.
Is this right?
Unfortunately the error message in the client log is not helpful for me.
I don't see any details what the problem is.
I tried to get more information using openssl s_client:
clientCertDb/Client.crt -debug -key Client.key -CApath clientCertDb/
It says:
Verify return code: 20 (unable to get local issuer certificate)
Does anyone of you know how to configure this or how I can get more
information?
Regards,
Andreas
Diese E-Mail ist frei von Viren und Malware, denn der avast! Antivirus Schutz ist aktiv.
http://www.avast.com