----- Original Message -----
> From: "TheLoneStranger" <mark.she...@edftrading.com>
> To: proton@qpid.apache.org
> Sent: Tuesday, May 27, 2014 6:37:02 AM
> Subject: Help connecting with SSL
> Hello,
> I have written a C++ test client which connects to a C# server.
> The server is configured with Microsoft Service Bus and Active directory.
> The connection parameters I have are below..
> Endpoint=sb://<MACHINE_NAME>/PerfTest;StsEndpoint=https://<MACHINE_NAME>:9355/PerfTest;RuntimePort=5671;ManagementPort=9355;TransportType=Amqp
> I have downloaded the send.c example from the website, but this does not
> have the SSL configuration.
> (http://qpid.apache.org/releases/qpid-proton-0.5/messenger/c/examples/)
> I know the certificate setup is correct as I have a C# client working on the
> machine.
> So far in the code for the test client, I have added calls to the following
> certificate API's
>       pn_messenger_set_private_key
>       pn_messenger_set_certificate
>       pn_messenger_set_trusted_certificates

Can you post your code that sets up SSL?

> However, the code is always failing in messenger.c:pn_transport_config.

Can you post output of the failure - what error(s) are you getting.

> I can see that I need to configure the SSL calls, but I cannot work this out
> from the documentation.

There's test Messenger clients written in C that you can use to test out SSL.  
These are the msgr-send and msgr-recv clients (in the tests/tools/apps/c 
directory of the source repo).  

If you want your client to authenticate the server, you'll need to provide the 
CA database (a PEM file) via the -T option.  Optionally, if you want the server 
to authenticate the client, you'll also have to provide the client's 
self-identifying certificate (also a PEM file) via the -C option, the private 
key used to sign the client's self-identifying certificate (PEM file) if not 
already present in the certificate itself.  Finally, you'll need to provide the 
password used to unlock the client's certificate (via the -P argument).

Also - although it is written in Python - there is a test that checks SSL 
authentication in the tests/python/proton_tests/ssl.py file.  You may also want 
to see the README.txt file in tests/proton/python_tests/ssl_db for details 
regarding how to configure your certs.

> Any help would be much appreciated.
> TheLoneStranger
> --
> View this message in context:
> http://qpid.2158936.n2.nabble.com/Help-connecting-with-SSL-tp7608636.html
> Sent from the Apache Qpid Proton mailing list archive at Nabble.com.


Reply via email to