So I got NSS working correctly now and have imported the CA certificate used for the servers cert into the database. However, when I start up the broker I still get an error initializing the plugin: Failed to load certificate '<hostname>'
I guess this goes back to part of my original question, in order to connect over ssl to another broker do I also have to have ssl properly set up on the client broker? (that's what this error message leads me to believe) Thanks, -Brandon On Wed, Sep 21, 2011 at 9:38 PM, Brandon Pedersen <[email protected]> wrote: > It looks like there is a problem with the nss library on the machine. > I will have to figure out what is going on but in the broker log I > also saw this message: > Failed to initialise SSL plugin: Failed: NSS error [-8023] > (qpid/sys/ssl/util.cpp:103) > > That error code is the same thing I get when trying to use certutil > which maps to the error:A PKCS #11 module returned CKR_DEVICE_ERROR, > indicating that a problem has occurred with the token or slot. > > I have no idea what that means but I will try and figure something out > > -Brandon > > On Wed, Sep 21, 2011 at 9:16 PM, Brandon Pedersen <[email protected]> wrote: >> Hi, its me again :) >> >> So now that I have a queue route working between my 2 c++ brokers >> running 0.12 I would like to make the link between the brokers go over >> ssl. I have enabled ssl on the destination broker and would like the >> source broker to connect over ssl. I don't need or want to have the >> source broker configured to use ssl if I can avoid it, I only need the >> destination broker to be using ssl. >> >> So the working command I have to create the queue push route is this: >> qpid-route -d -s queue add 192.168.2.2 192.168.2.1 mytopic everything >> >> I would have thought the following command would work to enable an ssl >> connection to the destination broker (which is running ssl on port >> 5671): >> qpid-route -d -s -t ssl queue add 192.168.2.2:5671 192.168.2.1 mytopic >> everything >> >> However, the link and route is not setup and in the source broker's >> log I see this message: >> error Transport 'ssl' not supported >> >> I am not sure why though. Is there some library I need to make sure is >> available? I have cross-compiled the broker and I'm not sure if all >> the libraries for ssl have been properly compiled in or moved to the >> target machine. >> >> Thanks, >> >> -Brandon >> > --------------------------------------------------------------------- Apache Qpid - AMQP Messaging Implementation Project: http://qpid.apache.org Use/Interact: mailto:[email protected]
