Description of problem: Talked with jortel about this a lot, but essentially when pulp and qpidd are configured in similar ways to they were in pulpv1 with katello (with ssl communicaiton enabled), ssl seems broken. When trying to delete a consumer for example you will get an error (see below). relevant configs: server.conf: [messaging] url: ssl://localhost:5671 cacert: /usr/share/katello/candlepin-cert.crt clientcert: /etc/pki/pulp/qpid_client_striped.crt topic_exchange: 'amq.topic' install_timeout: 10:600 update_timeout: 10:600 uninstall_timeout: 10:600 bind_timeout: 1:1 unbind_timeout: 1:1 qpidd.conf: [messaging] cluster-mechanism=ANONYMOUS log-enable=error+ auth=no require-encryption=yes ssl-require-client-authentication=yes ssl-port=5671 ssl-cert-db=/etc/pki/katello/nssdb ssl-cert-password-file=/etc/katello/nss_db_password-file ssl-cert-name=broker relevant errors: Nov 7 14:10:14 (none) qpidd[16771]: 2012-11-07 14:10:14 [Security] error Error reading socket: Unable to find the certificate or key necessary for authentication. [-12285] Speaking with Jeff, no one had tested pulpv2 with qpidd using SSL and he was going to setup a non-katello test box to debug.
Using 2.0.6-0.9.beta, I generated certificates using the playpen/nss-db-gen script and updated server.conf, consumer.conf and qpidd.conf to support only SSL connectivity to the qpid broker. Then, restarted qpidd, httpd and goferd. All connected as expected using SSL on port 5671. Then, I ran a successful package install test using pulp-admin. The test suggests that SSL between QPID and Pulp is in good working order.