Re: c++ broker federation over ssl

Mon, 16 Jul 2012 02:03:16 -0700 

hi Martin,

it looks like you have set qpid route ssl link successfully, 
I currently want to set a queue route working between my 2 c++ brokers
running 0.16, after putting  a  lot  of effort  into  it, i  coun't get it
done also.

the scenario is as following:
I started the 2 qpidd with each of following two configure file

qpidd --config ./qpidd.9997.conf 
*** qpidd.9997.conf content ***
data-dir=/root/qpidd_test_dir/9997/data
pid-dir=/root/qpidd_test_dir/9997
auth=yes
realm=devbox
require-encryption=yes
port=5677
log-to-file=/root/qpidd_test_dir/qpidd-9997.log
ssl-cert-db=/root/Downloads/qpid-0.16/cpp/src/tests/test_cert_db
ssl-cert-password-file=/root/Downloads/qpid-0.16/cpp/src/tests/cert.password
ssl-cert-name=127.0.0.1
ssl-port=9997
transport=ssl

qpidd --config ./qpidd.9998.conf 
*** qpidd.9998.conf content ***
data-dir=/root/qpidd_test_dir/9998/data
pid-dir=/root/qpidd_test_dir/9998
auth=yes
realm=devbox
require-encryption=yes
port=5678
log-to-file=/root/qpidd_test_dir/qpidd-9998.log
ssl-cert-db=/root/Downloads/qpid-0.16/cpp/src/tests/test_cert_db
ssl-cert-password-file=/root/Downloads/qpid-0.16/cpp/src/tests/cert.password
ssl-cert-name=127.0.0.1
ssl-port=9998
transport=ssl

we want to set up ssl route between them.
I have set SASL mechanism(PLAIN) for authentication of 2 qpidd broker,
username/password is qpidd/qpidd.

ssl.so is default loaded for two qpidd,
a single db with a single self signed certificate is set up using command of
following:
mkdir test_cert_db
certutil -N -d test_cert_db -f cert.password
certutil -S -d test_cert_db -n "127.0.0.1" \
         -s "CN=127.0.0.1" -t "CT,," -x \
         -f cert.password -z /usr/bin/certutil

what is the right command of federation setting up using transport ssl:
for example, route message for broker(port=5677) to broker(port=5678),
exchange name is "my.exchange"

i have tried command of qpid-route
[root@MQServer1 ~]# qpid-route route add localhost:5678
qpidd/qpidd@localhost:5677 -s -d -t ssl "my.exchange" "#"
Failed: ConnectionFailed - (None, 'No acceptable SASL authentication
mechanism available')

its fail.

can you give some advice of this? is there any successfully working
examples?

thanks
weirong

--
View this message in context: 
http://qpid.2158936.n2.nabble.com/c-broker-federation-over-ssl-tp7201044p7579681.html
Sent from the Apache Qpid users mailing list archive at Nabble.com.

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to