You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@qpid.apache.org by "Hamid.Shahid" <ha...@hotmail.com> on 2012/02/01 11:17:24 UTC

Re: warning Connect failed

*Hi Jakub,*

Thank you for explaining the chrome related issue. Basically, my application
will run as a console application rather like a service but I will discuss
with the server/broker side regarding the CA and Trusted Peer thing you
mentioned. 

*Hi Cliff, *

Unfortunately, the server (broker) side is not developed by us and I guess
it is not even developed in windows. I also know that the client certificate
support is not implemented in Windows implementation of the Qpid client.
Therefore, I am trying to modify the API code to add this client certificate
support. I am doing this by looking at the server/broker implementation. 

Uptil now, I have modified the ctor of the /"SslConnector"/ class to open
certificate store /"CertOpenStore"/ and to find the certificate
/"CertFindCertificateInStore"/ before it tries to
/"AcquireCredentialsHandle"/ in /"SSLConnector.cpp"/. It can open the store
successfully and finds the certificate as well and even goes to
/"ClientSslAsynchIO::startNegotiate()"/ but when it comes to
/"ClientSslAsynchIO::negotiateStep(BufferBase* buff)"/ it fails while trying
to /"InitializeSecurityContext"/ and goes to/ "negotiationFailed"/ and gives
the following error;

/2012-01-25 18:08:09 notice SSL negotiation failed to <server-ip>:10170: The
target principal name is incorrect./

Please let me know, if I have missed anything to modify or if this is not
the right way to add the certificate support for the client side.

Many thanks.

-Hamid.
 

--
View this message in context: http://qpid.2158936.n2.nabble.com/warning-Connect-failed-tp7229984p7242637.html
Sent from the Apache Qpid users mailing list archive at Nabble.com.

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org

Re: warning Connect failed

Posted by "Hamid.Shahid" <ha...@hotmail.com>.

Hi Cliff,

Yes, actually I am also tyring to create a separate C++ program to test this
connection problem using SChannel but that is also not working.

I am also thinking to contact Steve abou this, but I think he is very busy
to reply.

Thank you for the suggestions.

- Hamid

--
View this message in context: http://qpid.2158936.n2.nabble.com/warning-Connect-failed-tp7229984p7247024.html
Sent from the Apache Qpid users mailing list archive at Nabble.com.

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org

Re: warning Connect failed

Posted by Cliff Jansen <cl...@gmail.com>.

Hi Hamid,

If I were in your position, I would not try to debug two pieces of
complex code at the same time.

I would recommend first trying to get the Windows ssl/tls calls
working in a simple C program, completely separated from Qpid code.
When that is working with your server and client certificates, you can
concentrate on the integration with Qpid code.

If you are pressed for time, I note that Steve Huston offered to help
you on a consulting basis in a previous thread you started.  He has
done excellent work for the Qpid community and just happens to be the
author of the code you are wading through.

Cliff

On Wed, Feb 1, 2012 at 10:03 AM, Hamid.Shahid <ha...@hotmail.com> wrote:
> P.S. I have also tried it with the host name and get the following error;
>
> 2012-01-25 18:08:09 notice SSL negotiation failed to <host.name.com>:10170:
> The target principal name is incorrect.
>
> Best Regards,
> - Hamid
>
> --
> View this message in context: http://qpid.2158936.n2.nabble.com/warning-Connect-failed-tp7229984p7243260.html
> Sent from the Apache Qpid users mailing list archive at Nabble.com.
>
> ---------------------------------------------------------------------
> Apache Qpid - AMQP Messaging Implementation
> Project:      http://qpid.apache.org
> Use/Interact: mailto:users-subscribe@qpid.apache.org
>

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org

Re: warning Connect failed

Posted by "Hamid.Shahid" <ha...@hotmail.com>.

P.S. I have also tried it with the host name and get the following error;

2012-01-25 18:08:09 notice SSL negotiation failed to <host.name.com>:10170:
The target principal name is incorrect.

Best Regards,
- Hamid

--
View this message in context: http://qpid.2158936.n2.nabble.com/warning-Connect-failed-tp7229984p7243260.html
Sent from the Apache Qpid users mailing list archive at Nabble.com.

---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project:      http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org