Description of problem: [messaging] scheme=ssl port=5671 cacert=/etc/pki/pulp/qpid/ca.crt clientcert=/etc/pki/pulp/qpid/client.crt if /etc/pki/pulp/qpid/ca.crt and /etc/pki/pulp/qpid/client.crt are not copied over to the consumer, error message we see is very confusing, so we should suggest copying them similar to config changes.
https://github.com/pulp/pulp/pull/180
Fixed in the 0.12 beta.
verified [root@preethi ~]# pulp-qpid-ssl-cfg Working in: /tmp/tmp6957 Please specify a directory into which the created NSS database and associated certificates will be installed. Enter a directory [/etc/pki/pulp/qpid]: /etc/pki/pulp/qpid Please enter a password for the NSS database. Generated if not specified. Enter a password: Using password: [redhat] Please specify a CA. Generated if not specified. Enter a path: Password file created. Database created. Creating CA certificate: Generating key. This may take a few moments... CA created Creating BROKER certificate: Generating key. This may take a few moments... Broker certificate created. Creating CLIENT certificate: Generating key. This may take a few moments... Client certificate created. pk12util: PKCS12 EXPORT SUCCESSFUL MAC verified OK Client key & certificate exported Artifacts copied to: /etc/pki/pulp/qpid. Recommended properties in /etc/qpidd.conf: auth=no # SSL require-encryption=yes ssl-require-client-authentication=yes ssl-cert-db=/etc/pki/pulp/qpid/nss ssl-cert-password-file=/etc/pki/pulp/qpid/nss/password ssl-cert-name=broker ssl-port=5671 ... Recommended properties in /etc/pulp/server.conf: ... [messaging] url=ssl://<host>:5671 cacert=/etc/pki/pulp/qpid/ca.crt clientcert=/etc/pki/pulp/qpid/client.crt Recommended properties in /etc/pulp/consumer/consumer.conf: ... [messaging] scheme=ssl port=5671 cacert=/etc/pki/pulp/qpid/ca.crt clientcert=/etc/pki/pulp/qpid/client.crt NOTE: The /etc/pki/pulp/qpid/ca.crt and /etc/pki/pulp/qpid/client.crt certificates will need to be manually copied to each consumer. [root@preethi ~]#
Pulp 2.0 released.