On 10/04/2011 11:36 PM, Bruno França wrote:
Hi,
when I set ssl-require-client-authentication and require-encryption on
my Qpid C++ broker and try to connect to it using qpid-stat, I get the
following error:
$ export QPID_SSL_CERT_DB=/path/to/mycert_db
$ export QPID_SSL_CERT_NAME=mycert
$ ./bin/qpid-stat -q amqps://bruno.mz.digirati.com.br
Failed: SSLError - [Errno 1] _ssl.c:499: error:14094412:SSL
routines:SSL3_READ_BYTES:sslv3 alert bad certificate
Seems like the client certificate is being ignored. Is there a way to
inform qpid-stat which certificate to use? The above command works if I
disable ssl-require-client-authentication. I'm using SVN rev 1177431 on
Ubuntu 11.04 x86_64.
Unfortunately the python client (which qpid-stat uses) does not support
client authentication with SSL (the env vars above are only valid for
the C++ client and those APIs that wrap it).
There is a JIRA open for this and a (modified) patch attached:
https://issues.apache.org/jira/browse/QPID-3175. Rafi, are you happy
with that now? Could we push to get that in for 0.14, it's been around a
while now and would be an important gap to close.
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:[email protected]
