qdrouter cannot load SSL certificate files

Solution Verified - Updated -

Issue

  • The SSL connection between AMQ Interconnect and AMQ Broker is not established and the following error is reported:

    SERVER (error) SSL CA configuration failed for connection [C43674] to xxxx
SERVER (error) SSL local certificate configuration failed for connection [C43674] to xxxx
SERVER (error) [C43674] Connection aborted due to internal setup error
SERVER (info) [C43674] Connection to xxxx failed: amqp:connection:framing-error Expected AMQP protocol header: no protocol header found (connection aborted)

  • The cerificate is valid and the connection works fine if SSL is not involved.

Environment

  • Red Hat AMQ Interconnect 1.8.0

  • SSL configured as in the following example

    sslProfile {
    name: router-ssl
    certFile: /opt/eesb/interconnect/etc/interconnect_truststore.pem
    caCertFile: /opt/eesb/interconnect/etc/interconnect_ca.pem
    privateKeyFile: /opt/eesb/interconnect/etc/interconnect_keystore.pem
    password: pass:Pa$sw0rd
}

  • Interconnect is started as a service using the qdrouter user configured as

    qdrouterd:x:989:987:Owner of Qdrouterd Daemons:/var/lib/qdrouterd:/sbin/nologin

  • SSL connection works fine if AMQ Interconnect is run using a different user with the below command:

    $/usr/sbin/qdrouterd -c /etc/qpid-dispatch/qdrouterd.conf -d

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content