qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ken Giusti <kgiu...@redhat.com>
Subject Re: sasl negotiation failed
Date Thu, 10 Sep 2015 19:33:34 GMT
Seems likely that your SSL database is password protected.

You need to use the --ssl-cert-password-file broker option.  Create a file that contains the
password, then pass the path to that file via --ssl-cert-password-file

-K

----- Original Message -----
> From: "kbr" <kiran_bharwani@hotmail.com>
> To: dev@qpid.apache.org
> Sent: Thursday, September 10, 2015 3:11:42 PM
> Subject: sasl negotiation failed
> 
> Hello all,
> 
> I am running qpidd with SSL. I get an error when trying to add a queue. I am
> not sure what I am missing:
>  
> user@user-VirtualBox:~/workspace/AMQP/qpid-cpp-0.34/build/src$ sudo ./qpidd
> --config /etc/qpidd.conf --load-module
> /home/mmos/workspace/AMQP/qpid-cpp-0.34/build/src/amqp.so --ssl-cert-db
> /etc/certs/ --ssl-cert-name mmos
> 2015-09-10 13:55:26 [Broker] notice Broker (pid=4747) start-up
> Please enter the password for accessing the certificate database:
> 2015-09-10 13:55:29 [Security] notice Listening for SSL or TCP connections
> on TCP/TCP6 port 5671
> 
> 
> user@user-VirtualBox:/etc$ sudo qpid-config add queue testqueue -a
> 127.0.0.1:5671
> Failed: AuthenticationFailure: sasl negotiation failed: no mechanism agreed
> 
> I can enable trace on qpidd if needed.
> 
> Here is the qpidd.conf
> # /etc/qpidd.conf
> #
> # Set the SASL realm using 'realm='
> 
> auth=yes
> require-encryption=yes
> realm=QPID
> #sasl-config=/etc/qpid/sasl
> port=5671
> transport=ssl
> 
> 
> Thanks for your help in advance.
> 
> 
> 
> --
> View this message in context:
> http://qpid.2158936.n2.nabble.com/sasl-negotiation-failed-tp7630705.html
> Sent from the Apache Qpid developers mailing list archive at Nabble.com.
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
> For additional commands, e-mail: dev-help@qpid.apache.org
> 
> 

-- 
-K

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org


Mime
View raw message