ft420 wrote:
hi,
Sorry for the delay in reply.
Could you please be more explainatory regarding what exactly has to be
checked?
Check what certs you have in the database:
certutil -L -d /root/cert_db
Specifically do you have one named 'hostname' or are you using that as
shorthand for the real hostname of your machine? If so check the CN set
on the certificate:
certutil -L -d /root/cert_db -n hostname
The value specified for CN (usually the fully qualified name of the
machine qpidd is running on) needs to be used when you connect (and for
the declare_queues example program should be passed in on the command line).
I am new to ssl concept so i donot know much about it. i did whatever was
mentioned in SSL text file availble in qpid installable folder for C++.
Awaiting your response
Thanks
Gordon Sim wrote:
ft420 wrote:
./qpidd --auth no --port 5004 --ssl-port 5005 --ssl-cert-db /root/cert_db
--ssl-cert-password-file cert_password --ssl-cert-name hostname
broker starts listening on port 5005 for ssl connections and listening on
TCP port 5004.
now for client connection
we are executing following steps
export QPID_SSL_CERT_DB=/root/cert_db
./declare_queues hostname 5005 hangs execution and on closing this error
displayed on broker's console is
could not accept socket:Failed: Unknown NSS error code. [-5938]
(qpid/sys/ssl/SslSocket.cpp:123)
Now where am i going wrong??
If your cert for 'hostname'? if not you should specify the fully
qualified name to declare_queues (as specified in the cert).
Other possibilities: is the cert_db readable by the client? does it have
a password?
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:[email protected]
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:[email protected]
