You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@qpid.apache.org by Phil Brown <br...@gmail.com> on 2011/07/15 18:40:42 UTC
Disabling the TCP Port
Hi all,
Is there a way to disable the TCP port such that only the SSL port is
accessible?
I noticed that there is a --requiresEncryption flag. When I tried using it,
(QPID Windows 0.8x version), it does indeed refuse TCP connections, however,
it also rejects SSL connections.
Your help would be greatly appreciated!!!
Thanks!
Phil.
RE: Disabling the TCP Port
Posted by Steve Huston <sh...@riverace.com>.
Phil, do you think you could report the details for the issue in a jira?
Thanks,
-Steve Huston
-----Original Message-----
From: Gordon Sim [mailto:gsim@redhat.com]
Sent: Tuesday, July 19, 2011 7:50 AM
To: users@qpid.apache.org
Subject: Re: Disabling the TCP Port
On 07/15/2011 05:40 PM, Phil Brown wrote:
> Hi all,
>
> Is there a way to disable the TCP port such that only the SSL port is
> accessible?
> I noticed that there is a --requiresEncryption flag. When I tried
> using it, (QPID Windows 0.8x version), it does indeed refuse TCP
> connections, however, it also rejects SSL connections.
>
> Your help would be greatly appreciated!!!
I tested this for the 0.8 release on linux and it works as expected.
Looking at the windows code, I can't even see where this condition is
enforced.
What is the error that you get?
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org
Re: Disabling the TCP Port
Posted by Gordon Sim <gs...@redhat.com>.
On 07/15/2011 05:40 PM, Phil Brown wrote:
> Hi all,
>
> Is there a way to disable the TCP port such that only the SSL port is
> accessible?
> I noticed that there is a --requiresEncryption flag. When I tried using it,
> (QPID Windows 0.8x version), it does indeed refuse TCP connections, however,
> it also rejects SSL connections.
>
> Your help would be greatly appreciated!!!
I tested this for the 0.8 release on linux and it works as expected.
Looking at the windows code, I can't even see where this condition is
enforced.
What is the error that you get?
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org
Re: Disabling the TCP Port
Posted by Pavel Moravec <pm...@redhat.com>.
Hi Phil,
it is not directly what you want, but you can make the port use-less:
1) Set authentication on: use "--auth yes" in qpidd command line or "auth=yes" in qpidd.conf and restart qpidd. That will prevent non-authenticated usage.
2) Disable default guest:guest credentials (and others if added manually) from SASL database:
# saslpasswd2 -f /var/lib/qpidd/qpidd.sasldb -d QPID guest
That will prevent to be authenticated as "guest" user (the default user of qpid).
Kind regards,
Pavel
----- Original Message -----
From: "Phil Brown" <br...@gmail.com>
To: "users" <us...@qpid.apache.org>
Sent: Friday, July 15, 2011 6:40:42 PM
Subject: Disabling the TCP Port
Hi all,
Is there a way to disable the TCP port such that only the SSL port is
accessible?
I noticed that there is a --requiresEncryption flag. When I tried using it,
(QPID Windows 0.8x version), it does indeed refuse TCP connections, however,
it also rejects SSL connections.
Your help would be greatly appreciated!!!
Thanks!
Phil.
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:users-subscribe@qpid.apache.org