qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Stitcher <astitc...@redhat.com>
Subject Re: Qpid Enquiry
Date Mon, 21 May 2012 20:04:53 GMT
On Tue, 2012-05-15 at 16:52 +0800, Wielly wrote:
> ...
> Any user is familiar with setting up QPID "SSL" under windows environment
> before? Can any user help me to explain in stepwise how to configure? I
> heard this is possible to be done under windows.
> 

I've only got experience with setting up a test installation of SSL for
the windows broker, but it can be a lot simpler than the instructions
from Cliff:

You need to have the "makecert" tool on your windows machine somewhere.
It is included in the visual studio tools. The easiest thing to get to
it is to start a "Visual Studio Command Prompt" - make sure that you do
this as administrator for the moment as you have to install the
certificates in the Local Machine certificate store presently.

Assume your machine is called "birdcage" (the name of my test windows
VM)

then you just run:

makecert -r -pe -sr LocalMachine -ss My -sk birdcage -n "CN=birdcage"

This will create a new self signed certificate and put it in the correct
store and location.

the -r makes the certificate self signed, the -pe makes the private key
exportable. I think the -pe and the -sk options aren't strictly
necessary.

Now you can just go and use that certificate.

Currently you have to run the broker as administrator, but that should
be fixed soon on trunk:

Assuming you've used your machine name as the certificate name then you
should be able to start the broker with no extra parameters:

qpidd

However you can use an arbitrary certificate name or store name:

qpidd --ssl-cert-store <StoreName> --ssl-cert-name <CertificateName>

Andrew



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org


Mime
View raw message