You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Daniel Sack (JIRA)" <ji...@apache.org> on 2010/11/25 15:17:13 UTC
[jira] Updated: (QPID-2960) Broker Windows SSL implementation
prevent broker to run as a windows service under a service account user
(local service, network service)
[ https://issues.apache.org/jira/browse/QPID-2960?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Daniel Sack updated QPID-2960:
------------------------------
Description:
The current windows ssl broker implementation will prevent the broker to run with service account permission (local service, network service).
The current SslProtocolFactory.cpp implementation tries to access the personal certificate storage.
If you run the broker as a console application than you will find the following entry in your log:
2010-11-25 12:20:55 debug Exception constructed: Locating certificate <machinename> in store My Cannot find object or property. (.\qpid\broker\windows\SslProtocolFactory.cpp:158)
If i'm right there is not personal certificate storage for windows default service accounts (local service, network service).
If you try to let the broker run as a windows service (Patch: QPID-2519) with "local services"/"network service" the broker will crash.
For client os versions (XP, Win7) it's working but not for server OS Versions (2003 - 2008 R2)
was:
The current windows ssl broker implementation will prevent the broker to run with service account permission (local service, network service).
The current SslProtocolFactory.cpp implementation tries to access the personal certificate storage.
If you run the broker as a console application than you will find the following entry in your log:
2010-11-25 12:20:55 debug Exception constructed: Locating certificate <machinename> in store My Cannot find object or property. (.\qpid\broker\windows\SslProtocolFactory.cpp:158)
If i'm right there is not personal certificate storage for windows default service accounts (local service, network service).
If you try to let the broker run as a windows service (Patch: QPID-2519) with "local services"/"network service" the broker will crash.
Environment: Windows Server 2003 - 2008 R2 (was: Windows)
> Broker Windows SSL implementation prevent broker to run as a windows service under a service account user (local service, network service)
> ------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: QPID-2960
> URL: https://issues.apache.org/jira/browse/QPID-2960
> Project: Qpid
> Issue Type: Bug
> Components: C++ Broker
> Affects Versions: 0.7
> Environment: Windows Server 2003 - 2008 R2
> Reporter: Daniel Sack
>
> The current windows ssl broker implementation will prevent the broker to run with service account permission (local service, network service).
> The current SslProtocolFactory.cpp implementation tries to access the personal certificate storage.
> If you run the broker as a console application than you will find the following entry in your log:
> 2010-11-25 12:20:55 debug Exception constructed: Locating certificate <machinename> in store My Cannot find object or property. (.\qpid\broker\windows\SslProtocolFactory.cpp:158)
> If i'm right there is not personal certificate storage for windows default service accounts (local service, network service).
> If you try to let the broker run as a windows service (Patch: QPID-2519) with "local services"/"network service" the broker will crash.
> For client os versions (XP, Win7) it's working but not for server OS Versions (2003 - 2008 R2)
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org