On Fri, 2016-06-10 at 16:47 +0200, Adel Boutros wrote:
>
>
> The page you provided suits my needs.
FYI, the real authority for dispatch configuration is:
python/qpid_dispatch/management/qdrouter.json
The man pages and configuration chapter are generated from that and are
easier to read, but they have some hand-written sections that are out
of date (all fixed or being fixed I think.)
> However, I have a problem running SSL. I have configured the
> dispatcher (0.6.0 RC 4) as follows:
> ssl-profile {
> name: ssl-profile-name certFile:
> CERTIFICATE_DIR/cert_lx.pem keyFile: PRIVATE_KEY_DIR/key_lx.pem}
> listener { host: 0.0.0.0 port: 10399 sasl-mechanisms:
> ANONYMOUS ssl-profile: ssl-profile-name requirePeerAuth:
> no requireSsl: yes}
> Yet, I cannot even cannot using qdmanage:
> qdmanage --ssl-certificate=CERTIFICATE_DIR/cert_lx.pem --ssl-
> key=PRIVATE_KEY_DIR/key_lx.pem -b amqps://0.0.0.0:10399 create --
> type=autoLink addr=queue dir=out connection=localhost.5672.connector
> name=localhost.5672.queue
>
> Exception client-side:
> SSLUnavailable:
>
> Weird incomplete message, no?
>
> Regards,
> Adel
>
> >
> > Date: Fri, 10 Jun 2016 10:11:25 -0400
> > From: [email protected]
> > To: [email protected]
> > Subject: Re: [Qpid-dispatch] Duplication between sslProfile and
> > connector options
> >
> > Hi Adel,
> > You can find the entire list of entities and attributes here -
> >
> > http://qpid.apache.org/releases/qpid-dispatch-master/man/qdrouterd.
> > conf.html
> >
> > I will purge the book of dashed entity/attribute names on the
> > master branch. I have entered a JIRA for this so it can be tracked
> > -
> >
> > https://issues.apache.org/jira/browse/DISPATCH-377
> >
> > Thanks.
> >
> > ----- Original Message -----
> > >
> > > From: "Adel Boutros" <[email protected]>
> > > To: [email protected]
> > > Sent: Friday, June 10, 2016 9:43:38 AM
> > > Subject: RE: [Qpid-dispatch] Duplication between sslProfile and
> > > connector options
> > >
> > > One last section, where in the book can I find the fields for
> > > ssl-profile
> > > configuration? I searched in Configuration Entities and found
> > > everything
> > > except "ssl-profile" fields.
> > > >
> > > > From: [email protected]
> > > > To: [email protected]
> > > > Subject: RE: [Qpid-dispatch] Duplication between sslProfile and
> > > > connector
> > > > options
> > > > Date: Fri, 10 Jun 2016 15:39:13 +0200
> > > >
> > > > Thank you Ganesh,
> > > > Is this documented somewhere? Will the dashed properties be
> > > > removed from
> > > > the Book to avoid such confusion in the future?
> > > > Regards,Adel
> > > >
> > > > >
> > > > > Date: Fri, 10 Jun 2016 08:30:15 -0400
> > > > > From: [email protected]
> > > > > To: [email protected]
> > > > > Subject: Re: [Qpid-dispatch] Duplication between sslProfile
> > > > > and connector
> > > > > options
> > > > >
> > > > > Hi Adel,
> > > > > Going forward please use the camelCase and abandon using
> > > > > dashed
> > > > > properties (like cert-file). Following is an example of
> > > > > the *correct*
> > > > > way to use certFile
> > > > >
> > > > > sslProfile {
> > > > > certFile: /home/gmurthy/opensource/server-certificate.pem
> > > > > keyFile: /home/gmurthy/opensource//server-private-key.pem
> > > > > password: some-password
> > > > > name: client-ssl-profile
> > > > > certDb: /home/gmurthy/opensource/ca-certificate.pem
> > > > > }
> > > > >
> > > > > connector {
> > > > > addr: 127.0.0.1
> > > > > role: inter-router
> > > > > sslProfile: client-ssl-profile # This connector will use
> > > > > the
> > > > > sslProfile with the name client-ssl-profile
> > > > > port: 24976
> > > > > }
> > > > >
> > > > > Notice above that we specified certFile in only one place
> > > > > (inside the
> > > > > sslProfile)
> > > > >
> > > > > Thanks.
> > > > >
> > > > > ----- Original Message -----
> > > > > >
> > > > > > From: "Adel Boutros" <[email protected]>
> > > > > > To: [email protected]
> > > > > > Sent: Friday, June 10, 2016 6:32:06 AM
> > > > > > Subject: [Qpid-dispatch] Duplication between sslProfile and
> > > > > > connector
> > > > > > options
> > > > > >
> > > > > > Hello guys,
> > > > > > In the ssl-profile, we can define some options such as
> > > > > > "cert-file".
> > > > > > When we
> > > > > > define a connector, we can provide the name of ssl-profile
> > > > > > and we can
> > > > > > set
> > > > > > "certFile". What is the behavior if we defined a cert-file
> > > > > > in the
> > > > > > ssl-profile and set the certFile property?
> > > > > > Is setting one of them enough? Or do we really need to set
> > > > > > both?
> > > > > > Regards,Adel
> > > > > -----------------------------------------------------------
> > > > > ----------
> > > > > To unsubscribe, e-mail: [email protected]
> > > > > For additional commands, e-mail: [email protected]
> > > > >
> > > >
> > -----------------------------------------------------------------
> > ----
> > To unsubscribe, e-mail: [email protected]
> > For additional commands, e-mail: [email protected]
> >
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
