I believe you need to call set_peer_authentication http://qpid.apache.org/releases/qpid-proton-0.33.0/proton/python/docs/proton.html#proton.SSLDomain, with SSLDomain.VERIFY_PEER_NAME or SSLDomain.VERIFY_PEER depending on whether you want host verification or not.
The tests at https://github.com/apache/qpid-proton/blob/0.33.0/python/tests/proton_tests/ssl.py might be useful to look at. On Thu, 18 Feb 2021 at 15:40, Dedeepya Tunga <[email protected]> wrote: > > Small clarification on my query. > TLS infact is working on the proton by default without providing any of the > self signed certificates, whilst the expectation is to get certificate error. > Please find below the code snippet usedfor enabing SSL connections on proton > hello world def on_start(self, event): my_domain = > proton.SSLDomain(mode=proton.SSLDomain.MODE_CLIENT) > my_domain.set_trusted_ca_db('/etc/ssl/certs/selfsigned.pem') > > conn = event.container.connect(url="amqps://localhost:5672", > user="foo", > password="token", > ssl_domain=my_domain) > > On Thursday, 18 February, 2021, 08:10:03 pm IST, Dedeepya Tunga > <[email protected]> wrote: > > Hi folks, > Am trying to connect to qpid broker from proton via a Tls enabled port. > However I see that proton is making plain connection by default, which is > connected using ssl on broker side. > * How do I enforce tls connection from proton ?* How can I specify the cert > location ?* How do we enable/disable hostname validation for the certs.? > Regards,Dedeepya.T > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
