You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@qpid.apache.org by Dean Francis <de...@fidessa.com> on 2012/02/06 13:00:06 UTC

Using multiple SSL certificates concurrently

Hi everyone,

 

I would like to connect to a broker with a C++ client as multiple users
simultaneously. Each user has their own SSL certificate. I am using a
different qpid::messaging::Connection for each user and using setOption
to select the different certificates. My problem is that after the first
user connects, any subsequent users perform a quick SSL handshake and
are not asked for their certificates by the broker, instead being
authenticated as the first user. Is there any way to force a full
handshake for all connections? 

 

Thanks,

Dean

********************************************************************************************************************************************************************************************
This message is intended only for the stated addressee(s) and may be confidential.  Access to this email by anyone else is unauthorised. Any opinions expressed in this email do not necessarily reflect the opinions of Fidessa. Any unauthorised disclosure, use or dissemination, either whole or in part is prohibited. If you are not the intended recipient of this message, please notify the sender immediately.

Fidessa plc - Registered office:
Dukes Court, Duke Street, Woking, Surrey, GU21 5BH, United Kingdom
Registered in England no. 3781700 VAT registration no. 688 9008 78

Fidessa LatentZero Limited  - Registered office:
Dukes Court, Duke Street, Woking, Surrey, GU21 5BH, United Kingdom
Registered in England no. 3656437 VAT registration no. 688 9008 78

Fidessa group plc - Registered Office:
Dukes Court, Duke Street, Woking, Surrey, GU21 5BH, United Kingdom
Registered in England no. 3234176 VAT registration no. 688 9008 78

Re: Using multiple SSL certificates concurrently

Posted by Dean Francis <de...@fidessa.com>.
I can't really give very much, but all I would like to be able to do is make
this work:

    const char* url = "amqp:ssl:192.168.183.12:5671";
    qpid::messaging::Connection conn1(url);
    conn1.setOption("transport","ssl");
    conn1.setOption("sasl-mechanism","EXTERNAL");
    conn1.setOption("ssl-cert-name","cert1");
    qpid::messaging::Connection conn2(url);
    conn2.setOption("transport","ssl");
    conn2.setOption("sasl-mechanism","EXTERNAL");
    conn2.setOption("ssl-cert-name","cert2");
    conn1.open();
    conn2.open();

Thanks

--
View this message in context: http://qpid.2158936.n2.nabble.com/Using-multiple-SSL-certificates-concurrently-tp7258354p7258385.html
Sent from the Apache Qpid users mailing list archive at Nabble.com.

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org

Re: Using multiple SSL certificates concurrently

Posted by si...@gmail.com.
Hi,

Can you send the source code of the application, so that I can give a
better solution.

Regards,
Sinduja.R

On Mon, Feb 6, 2012 at 5:30 PM, Dean Francis <de...@fidessa.com>wrote:

> Hi everyone,
>
>
>
> I would like to connect to a broker with a C++ client as multiple users
> simultaneously. Each user has their own SSL certificate. I am using a
> different qpid::messaging::Connection for each user and using setOption
> to select the different certificates. My problem is that after the first
> user connects, any subsequent users perform a quick SSL handshake and
> are not asked for their certificates by the broker, instead being
> authenticated as the first user. Is there any way to force a full
> handshake for all connections?
>
>
>
> Thanks,
>
> Dean
>
>
> ********************************************************************************************************************************************************************************************
> This message is intended only for the stated addressee(s) and may be
> confidential.  Access to this email by anyone else is unauthorised. Any
> opinions expressed in this email do not necessarily reflect the opinions of
> Fidessa. Any unauthorised disclosure, use or dissemination, either whole or
> in part is prohibited. If you are not the intended recipient of this
> message, please notify the sender immediately.
>
> Fidessa plc - Registered office:
> Dukes Court, Duke Street, Woking, Surrey, GU21 5BH, United Kingdom
> Registered in England no. 3781700 VAT registration no. 688 9008 78
>
> Fidessa LatentZero Limited  - Registered office:
> Dukes Court, Duke Street, Woking, Surrey, GU21 5BH, United Kingdom
> Registered in England no. 3656437 VAT registration no. 688 9008 78
>
> Fidessa group plc - Registered Office:
> Dukes Court, Duke Street, Woking, Surrey, GU21 5BH, United Kingdom
> Registered in England no. 3234176 VAT registration no. 688 9008 78
>