You need to provide both the certificate chain file and the private key file (they're not the same file).<br><div><br></div><div>To debug this with the openssl s_client command, you'll need to pass in the -verify, -key and -cert flags with appropriate values.</div>
<div><br></div><div>HTH</div><div>-Alan</div><br><div>On Wed May 28 2014 at 7:45:52 AM, Dan Berger <<a href="mailto:dberger@fiveringscapital.com">dberger@fiveringscapital.com</a>> wrote:</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div lang="EN-US" link="blue" vlink="purple"><div><p class="MsoNormal">I’m just starting development on a c++ client app to connect to a vendor’s server.<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">
I’m trying the SimpleAmqpClient library which is built on top of rabbitmq-c.<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">The provided a self-signed client certificate in .p12 format that I’ve converted to .pem. This contains a public and private key and also a CA public key.<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">I’m now trying to connect while providing the .pem file as the CA cert, client cert and client private key.<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">While connecting, I get:<u></u><u></u></p><p class="MsoNormal">'AmqpClient::AmqpLibraryException'<u></u><u></u></p><p class="MsoNormal"> what(): Error setting client certificate for socket: SSL peer cert verification failed<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Digging into rabbitmq-c, I see this is due to the call to <span style="font-size:9.0pt;font-family:Consolas;color:#333333;background:white">amqp_ssl_socket_set_key</span> failing.<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Running openssl s_client seems to work fine, so I’m not sure what I’m doing wrong. Any ideas?<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">
-Dan<u></u><u></u></p></div></div>______________________________<u></u>_________________<br>
rabbitmq-discuss mailing list<br>
<a href="mailto:rabbitmq-discuss@lists.rabbitmq.com" target="_blank">rabbitmq-discuss@lists.<u></u>rabbitmq.com</a><br>
<a href="https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss" target="_blank">https://lists.rabbitmq.com/<u></u>cgi-bin/mailman/listinfo/<u></u>rabbitmq-discuss</a><br>
</blockquote>