Correction to the original mail: If I remove any of the commands, the last command no longer fail.
________________________________ From: Adel Boutros <[email protected]> Sent: Wednesday, February 1, 2017 12:35:35 PM To: [email protected] Subject: Re: [Dispatch router 0.7.0] [Proton 0.16.0] SSL commands failing on the Dispatch Router on Linux Re-attaching the dispatch router log. ________________________________ From: Adel Boutros <[email protected]> Sent: Wednesday, February 1, 2017 12:10:45 PM To: [email protected] Subject: [Dispatch router 0.7.0] [Proton 0.16.0] SSL commands failing on the Dispatch Router on Linux Hello, We have launched our test suite on the dispatch router 0.7.0 and noticed that connections on a Listener configured with SASL External was not working anymore. With the below configuration and script, we have this exception ('SSL Failure: Unknown error.') which keeps occurring. If I remove any of the commands except the one failing, the last one fails. It seems we need to query the Dispatch router once and create 2 entities on it for the 4th operation to fail. If I replace the "create" commands by "delete" operation it doesn't seem to fail. PS: All certificates used here are taken from the qpid-dispatch repository here https://github.com/apache/qpid-dispatch/tree/0.7.0/tests/ssl_certs Exception client-side --------------------------- ConnectionException: Connection amqps://green-lx-slave1:10498/$management disconnected: Condition('amqp:connection:framing-error', 'SSL Failure: Unknown error.') Router config ------------------------- container { worker-threads: 4 containerName: qpid.dispatch.router.10501 } sslProfile { keyFile: server-private-key.pem password: server-password certFile: server-certificate.pem name: ssl-test-profile certDb: ca-certificate.pem } listener { host: 0.0.0.0 port: 10498 saslMechanisms: EXTERNAL sslProfile: ssl-test-profile authenticatePeer: yes requireSsl: yes } router { mode: interior routerId: router.10501 } log { module: DEFAULT enable: trace+ source: false output: dispatch.10501.log } Commands to launch in the below order -------------------------------------------------------- * Restart Dispatch Router * Restart Broker * qdstat -g -b amqp://localhost:10501 * qdmanage --ssl-trustfile=ca-certificate.pem --ssl-certificate=client-certificate.pem --ssl-key=client-private-key.pem --ssl-password=client-password --ssl-disable-peer-name-verify -b amqps://localhost:10498 create --type=address prefix=cluster.SSLMutualQueue waypoint=true name=cluster.SSLMutualQueue.addr * qdmanage --ssl-trustfile=ca-certificate.pem --ssl-certificate=client-certificate.pem --ssl-key=client-private-key.pem --ssl-password=client-password --ssl-disable-peer-name-verify -b amqps://localhost:10498 create --type=connector role=route-container addr=localhost port=10305 name=localhost.10305.connector sslProfile=ssl-test-profile verifyHostName=no * (Failing command) qdmanage --ssl-trustfile=ca-certificate.pem --ssl-certificate=client-certificate.pem --ssl-key=client-private-key.pem --ssl-password=client-password --ssl-disable-peer-name-verify -b amqps://localhost:10498 delete --type=autoLink --name localhost.10305.cluster.SSLMutualQueue.in Dispatch Router log --------------------------- See attached file Regards, Adel
