Thanks for your message Chuck. The following was the trace I obtained from the broker:
2016-01-27 17:17:40 [Network] trace Accepting connection with optional SSL wrapper. 2016-01-27 17:17:40 [Network] trace Accepted SSL connection. 2016-01-27 17:17:40 [Network] info Set TCP_NODELAY on connection to 127.0.0.1:49963 2016-01-27 17:17:40 [System] error Error reading socket: Success(0) 2016-01-27 17:17:40 [System] debug DISCONNECTED [qpid.127.0.0.1:5671-127.0.0.1:49963] By the way, in my original email I forgot to mentioned that I had SSL-related environment variables set up at the client side also (in case somebody thinks that might be the missing piece in the puzzle): QPID_SSL_CERT_DB QPID_SSL_CERT_PASSWORD QPID_SSL_CERT_NAME Still seeing the same issue: "qpid-send: Connect failed to amqp:ssl:localhost:5671: Reconnect disabled" jjw On Wed, Jan 27, 2016 at 4:51 PM, Chuck Rolke <[email protected]> wrote: > On both the broker and client end you can get some information from > logging. > > export QPID_LOG_ENABLE=trace+ > then qpidd and qpid-send > > ----- Original Message ----- > > From: "jjw tectec" <[email protected]> > > To: [email protected] > > Sent: Wednesday, January 27, 2016 5:02:24 PM > > Subject: ssl not working > > > > I'm trying to add encryption, but couldn't get things to work. > > > > I've done the following (for a single broker scenario): > > > > 1) Ran the following script to create a certificate database: > > mkdir ${CERT_DIR} > > certutil -N -d ${CERT_DIR} -f ${CERT_PW_FILE} > > certutil -S -d ${CERT_DIR} -n ${NICKNAME} -s "CN=${NICKNAME}" -t "CT,," > -x > > -f ${CERT_PW_FILE} -z /usr/bin/certutil > > > > 2) in qpidd.conf: > > require-encryption=yes > > ssl-cert-db=${CERT_DIR} > > ssl-cert-password-file=${CERT_PW_FILE} > > ssl-cert-name=${NICKNAME} > > ssl-port=5671 > > > > However, when running the following: > > qpid-send -b localhost:5671 -a 'TestQueue; {node:{type:queue}}' > > --content-string "hello" --connection-options > > "{transport:ssl,protocol:amqp1.0}" > > I got "*qpid-send: Connect failed to amqp:ssl:localhost:5671: Reconnect > > disabled*" > > > > What am I missing? > > > > Thanks, > > > > jjw > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
