the connectionURL i am using is
amqp://guest:guest@clientid/test?brokerlist='tcp://machine-name.us-west-1.compute.amazonaws.com:5674?ssl='true''
I have ensured that the right machine is used.
the trust store i am using has both the client certificate as well as the CA
certificate
"
keytool -list -keystore trust-store.jks -storepass password
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 2 entries
rootca, Sep 3, 2012, trustedCertEntry,
Certificate fingerprint (MD5):
83:0E:47:F0:6F:00:63:BB:05:B6:8D:E2:F4:8B:E8:3D
java-client, Sep 3, 2012, trustedCertEntry,
Certificate fingerprint (MD5):
C2:4E:DF:D8:60:39:58:B5:BB:64:C8:25:21:E4:42:80
"
I followed the instructions in 2.4 and did an additional step of importing
the CA's certificate into the keystore. which can be verified from the
output
"keytool -list -keystore key-store.jks -storepass password
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 2 entries
rootca, Sep 3, 2012, trustedCertEntry,
Certificate fingerprint (MD5):
83:0E:47:F0:6F:00:63:BB:05:B6:8D:E2:F4:8B:E8:3D
java-client, Sep 3, 2012, PrivateKeyEntry,
Certificate fingerprint (MD5):
C2:4E:DF:D8:60:39:58:B5:BB:64:C8:25:21:E4:42:80
"
In spite of all of these changes, the original problem of "PKIX path
building failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable to find valid certification path to requested target" remains. I have
rerun all the steps from
http://rajith.2rlabs.com/2010/03/01/apache-qpid-securing-connections-with-ssl/
SSL-Howto page.
Please suggest any relevant debugging/modifications.
Thanks,
Naveen
--
View this message in context:
http://qpid.2158936.n2.nabble.com/Unable-to-Setup-SSL-between-Java-Client-and-C-broker-tp7581558p7581610.html
Sent from the Apache Qpid users mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
