users@qpid.apache.org
> Sent: Monday, June 27, 2016 10:02:49 AM
> Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
>
> You are right. Nevertheless, working with security is never easy as there are
> so many options to configure and a lot of points to be careful at
ever have found it without your help! :)
> >
> > Do you think it could be worth submitting a Jira issue for clearer error
> > messages?
> >
> > Regards,
> > Adel
> >
> > > From: adelbout...@live.com
> > > To: users@qpid.apache.org
2 intermediate
certificates.)
Thanks.
- Original Message -
> From: "Adel Boutros" <adelbout...@live.com>
> To: users@qpid.apache.org
> Sent: Friday, June 24, 2016 12:19:24 PM
> Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
>
&
; Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
> Date: Fri, 24 Jun 2016 18:14:11 +0200
>
> Solved it!!
>
> The order of the certificates in the chain file ca-chain.cert.pem is
> important. I inverted the order of the certificates by putting the
tie...@live.com
> To: users@qpid.apache.org
> Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
> Date: Fri, 24 Jun 2016 16:09:00 +
>
> Following your lines :
>
> SUCCESS
> --> qdstat -c
> --ssl-trustfile=PATH_TO_CERT_DIR/ganesh/ca-cer
Linkedin : paolopatierno
Blog : DevExperience
> From: adelbout...@live.com
> To: users@qpid.apache.org
> Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
> Date: Fri, 24 Jun 2016 18:03:43 +0200
>
> Yes, everything is ran on the same machine. I had configured a singl
tierno
> Blog : DevExperience
>
> > From: adelbout...@live.com
> > To: users@qpid.apache.org
> > Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
> > Date: Fri, 24 Jun 2016 17:56:56 +0200
> >
> >
> >
> > Nope, I
> > am us
Senior Software Engineer (IoT) @ Red Hat
Microsoft MVP on Windows Embedded & IoTMicrosoft Azure Advisor
Twitter : @ppatierno
Linkedin : paolopatierno
Blog : DevExperience
> From: adelbout...@live.com
> To: users@qpid.apache.org
> Subject: RE: [Qpid-Dispatch] SSL/SASL configuration
ey are corrupt and that the qdstat is
unable to load them and is thus failing before sending anything?
Regards,
Adel
> From: ppatie...@live.com
> To: users@qpid.apache.org
> Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
> Date: Fri, 24 Jun 2016 15:41:51 +
>
>
rosoft MVP on Windows Embedded & IoTMicrosoft Azure Advisor
Twitter : @ppatierno
Linkedin : paolopatierno
Blog : DevExperience
> From: adelbout...@live.com
> To: users@qpid.apache.org
> Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
> Date: Fri, 24 Jun 2016
Paolo,
There is no traffic in the case of the failure. So I cannot provide a pncap
file :(
> From: adelbout...@live.com
> To: users@qpid.apache.org
> Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
> Date: Fri, 24 Jun 2016 17:35:56 +0200
>
> It seem
It seems like attachments are not really working. You can check the images
here: http://imgur.com/a/WlssO
Adel
From: adelbout...@live.com
To: users@qpid.apache.org
Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
Date: Fri, 24 Jun 2016 17:31:45 +0200
Wireshark Pictures
edin : paolopatierno
Blog : DevExperience
From: adelbout...@live.com
To: users@qpid.apache.org
Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
Date: Fri, 24 Jun 2016 17:31:45 +0200
Wireshark Pictures attached.
Adel
From: adelbout...@live.com
To: users@qpid.apache.org
Subject
Success
===
Failure
> From: adelbout...@live.com
> To: users@qpid.apache.org
> Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
> Date: Fri, 24 Jun 2016 17:26:44 +0200
>
> I fixed the CN part (Thanks Paol
in
the failure case (Wireshark display filter: "tcp.port == 10398")
Regards,
Adel
> Date: Fri, 24 Jun 2016 11:17:18 -0400
> From: gmur...@redhat.com
> To: users@qpid.apache.org
> Subject: Re: [Qpid-Dispatch] SSL/SASL configuration on a listener
>
> Good catch Paolo, I should note h
From: gmur...@redhat.com
> To: users@qpid.apache.org
> Subject: Re: [Qpid-Dispatch] SSL/SASL configuration on a listener
>
> Good catch Paolo, I should note here that qdstat and qdmanage commands do
> *not* do hostname verification by default. I submitted a pull request for
> ht
Patierno" <ppatie...@live.com>
> To: users@qpid.apache.org
> Sent: Friday, June 24, 2016 11:09:56 AM
> Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
>
> Hi Adel,
>
> is this just a typo or the real CN you are using ?
>
> /CN=CN=12
rosoft MVP on Windows Embedded & IoTMicrosoft Azure Advisor
Twitter : @ppatierno
Linkedin : paolopatierno
Blog : DevExperience
> From: ppatie...@live.com
> To: users@qpid.apache.org
> Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
> Date: Fri, 24 Jun 2016 15:03:44 +0
tter : @ppatierno
Linkedin : paolopatierno
Blog : DevExperience
From: adelbout...@live.com
To: users@qpid.apache.org
Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
Date: Fri, 24 Jun 2016 16:48:54 +0200
Thank you Paolo.
@Ganesh,
I was able to successfully connect using your
log : DevExperience
>
> > From: adelbout...@live.com
> > To: users@qpid.apache.org
> > Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
> > Date: Fri, 24 Jun 2016 13:03:29 +0200
> >
> > Hello Ganesh,
> >
> > Thank you for your
? Is is just the intermediate certificate?
Or the root certificate? Or a combination of both?
Regards,
Adel
> Date: Thu, 23 Jun 2016 14:07:20 -0400
> From: gmur...@redhat.com
> To: users@qpid.apache.org
> Subject: Re: [Qpid-Dispatch] SSL/SASL configuration on a listener
>
> Hi
t;Ganesh Murthy" <gmur...@redhat.com>
> To: users@qpid.apache.org
> Sent: Thursday, June 23, 2016 10:17:06 AM
> Subject: Re: [Qpid-Dispatch] SSL/SASL configuration on a listener
>
> I also want to add that there is a file called
> qpid-dispatch/tests/ssl_certs/gencerts.sh
these self signed certs and also cover
various SASL scenarios.
Thanks.
- Original Message -
> From: "Ganesh Murthy" <gmur...@redhat.com>
> To: users@qpid.apache.org
> Sent: Thursday, June 23, 2016 10:05:08 AM
> Subject: Re: [Qpid-Dispatch] SSL/SASL configu
can make sure that your
root CA is never compromised.
Thanks.
- Original Message -
> From: "Adel Boutros" <adelbout...@live.com>
> To: users@qpid.apache.org
> Sent: Thursday, June 23, 2016 9:56:02 AM
> Subject: RE: [Qpid-Dispatch] SSL/SASL configuration
and test again.
Thanks for the helpful explanation!
Regards,
Adel
> From: ppatie...@live.com
> To: users@qpid.apache.org
> Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
> Date: Thu, 23 Jun 2016 13:31:56 +
>
> Hi Adel,
>
> I'm a bit confuse
Microsoft MVP on Windows Embedded & IoTMicrosoft Azure Advisor
Twitter : @ppatierno
Linkedin : paolopatierno
Blog : DevExperience
> From: adelbout...@live.com
> To: users@qpid.apache.org
> Subject: RE: [Qpid-Dispatch] SSL/SASL configuration on a listener
> Date: Thu, 23 Jun 201
thread, steps to generate server
certificate and use it in the dispatcher. I think something similar here is the
easiest solution.
Regards,
Adel
> From: ja...@scholz.cz
> Date: Thu, 23 Jun 2016 14:27:11 +0200
> Subject: Re: [Qpid-Dispatch] SSL/SASL configuration on a listener
&g
jks contains the cert_ssl_encryption.pem and
> clientKeyStore.jks contains the sasl certificate (cert_sasl.pem) which is
> aliased by "client"
>
> Should I merge cert_sasl.pem and cert_ssl_encryption.pem in the
> ssl-profile?
>
> Regards,
> Adel
>
> > Date: Wed, 22 Jun 2016 1
rge cert_sasl.pem and cert_ssl_encryption.pem in the ssl-profile?
Regards,
Adel
> Date: Wed, 22 Jun 2016 11:23:16 -0400
> From: gmur...@redhat.com
> To: users@qpid.apache.org
> Subject: Re: [Qpid-Dispatch] SSL/SASL configuration on a listener
>
> "Of course I want to use a cert
29 matches
Mail list logo
