On Thu, Jun 24, 2021 at 12:08 PM rahul.sin...@morganstanley.com <rahul.sin...@morganstanley.com> wrote: > ldd for libqpidmessaging.so gives me libqpid-proton-core.so.10 alongwith > other qpid libs- libqpidtypes.so.1, libqpidclient.so.2 and libqpidcommon.so.2. > However, until I uncomment " protocol-defaults=amqp1.0,amqp0-10" from the > qpidc.conf available in installedpath/etc/qpid/qpidc.conf, the ampq1.0 is not > selected. This is the file whereI actually have to add additional ssl config > details as well, including the ssl-cert-db. > > This is inline with current implementation of ConnectionOptions::set method > in src/qpid/messaging/ConnectionOptions.cpp. There is no option for > "protocol" field there (which is supposed to specify the amqp1.0 option).
Yes, the protocol actually gets used to create the right type of connection, so you need to specify it in the options passed to the constructor, rather than trying to set it after the connection has already been created. > After going through the ssl.txt descriptions, > My major issue/trouble is with the creation of certificate database (through > certutil tool). This should be pointed out by --ssl-cert-db in the qpidc.conf > and all relevant certificate and keys should be available there. > Now, I already have created a cert (and made it available for the server at > other end of the connection) and have a key for it. I also have a trusted > cert from the server. Now, it seems that I will need to somehow inject these > cert and key to the cert database. However, looking at ways to do that, > certutil --help, I see an option to add an existing trusted certificate to > the database (-A option), but do not see any option to add the key to created > certification needed by the server at other end. You can use pk12util to add in a pkcs12 key. (If it is pem format you can convert it using openssl). --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@qpid.apache.org For additional commands, e-mail: users-h...@qpid.apache.org
