Ted Ross created DISPATCH-743:
---------------------------------
Summary: Intermittent SSL Failure
Key: DISPATCH-743
URL: https://issues.apache.org/jira/browse/DISPATCH-743
Project: Qpid Dispatch
Issue Type: Bug
Components: Container
Affects Versions: 0.8.0
Reporter: Ted Ross
Fix For: 1.0.0
I'm seeing intermittent instances of 'SSL Failure: Unknown error.' when using
SSL to access the router. This test uses the SSL certificates checked into the
tests/ssl_certs directory.
Router Configuration:
{noformat}
ssl_profile {
name: SSL
certDb: /path_to/ssl_certs/ca-certificate.pem
certFile: /path_to/ssl_certs/server-certificate.pem
keyFile: /path_to/ssl_certs/server-private-key.pem
password: server-password
}
listener {
host: ::
port: amqps
authenticatePeer: yes
saslMechanisms: EXTERNAL
sslProfile: SSL
requireSsl: yes
}
{noformat}
The client command line is:
{noformat}
qdstat -b amqps://localhost -c --ssl-certificate=client-certificate.pem
--ssl-key=client-private-key.pem --ssl-password=client-password
--ssl-trustfile=ca-certificate.pem
{noformat}
This operates correctly because the configured server hostname is "localhost".
To reproduce this error, replace "localhost" with "127.0.0.1" in the command
line. This will correctly result in a certificate verification error due to
the name mismatch. Then repeat the command with "localhost" again. This first
attempt to use the correct name often results in the unexpected failure.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
