[jira] [Commented] (QPID-6261) Federation with SSL is failing between two brokers

Tue, 09 Dec 2014 10:53:26 -0800 

    [ 
https://issues.apache.org/jira/browse/QPID-6261?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14239831#comment-14239831
 ] 

Brent Driskill commented on QPID-6261:
--------------------------------------

Thank you Gordon. I will test out your suggestions above and let you know.




> Federation with SSL is failing between two brokers
> --------------------------------------------------
>
>                 Key: QPID-6261
>                 URL: https://issues.apache.org/jira/browse/QPID-6261
>             Project: Qpid
>          Issue Type: Bug
>          Components: C++ Broker
>    Affects Versions: 0.30
>         Environment: CentOS 7
>            Reporter: Brent Driskill
>            Priority: Critical
>         Attachments: qpidd10000.conf, qpidd10002.conf
>
>
> I am unable to get federation to work between two brokers that are SSL 
> enabled with different SASL configurations.
> Reproduction Steps:
> 1. Deploy two separate brokers on the same machine. One has port 10000 
> (destination broker) and one has port 10002 (source broker). The 
> configuration for both these brokers are attached. The acl file for broker 
> 10000 has "acl allow all all" and the other has "acl allow all all" for a 
> specific user.
> 2. Execute python scripts to create the queues and exchanges
> 3. Execute the following qpid-route command to federate between the two:
> {noformat}
> qpid-route queue add amqps://<username>/<password>@<ip>:10000 
> amqps://<username>/<password>@<ip>:10002  <destination_exchange> 
> <source_queue> -t ssl --ssl-certificate <path_to_pem>
> {noformat}
> The qpid-route throws the following error:
> {noformat}
> Failed: ConnectionFailed - (None, 'connection aborted')
> {noformat}
> I see the following error in the logs for broker 10000 around the same time 
> (not sure if it is related or not)
> {noformat}
> 2014-12-02 14:18:07 [System] error Connection 
> qpid.192.168.10.104:10000-192.168.10.104:33642 No protocol received closing
> 2014-12-02 14:18:07 [System] debug DISCONNECTED 
> [qpid.192.168.10.104:10000-192.168.10.104:33642]
> {noformat}
> If I disable SSL, everything works perfectly (with the sasl configurations 
> the same). The c++ clients are able to connect to both brokers correctly 
> using the pem file.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

Reply via email to