[Pulp-list] Qpid SSL on Pulp 2.4

Ashby, Jason (IMS) AshbyJ at imsweb.com
Fri Oct 24 18:40:11 UTC 2014

Those certs are the ones generated by /usr/bin/pulp-qpid-ssl-cfg.  I accepted the defaults for that script, except for the CA cert and key which I supplied with:

Please specify a CA.  Generated if not specified.
  Enter a path: /etc/pki/pulp_certs/pulpca.crt

Please specify the CA key
  Enter a path: /etc/pki/pulp_certs/pulpca.key

Does that answer your questions?

-----Original Message-----
From: Randy Barlow [mailto:rbarlow at redhat.com]
Sent: Friday, October 24, 2014 2:31 PM
To: Ashby, Jason (IMS); pulp-list at redhat.com
Subject: Re: [Pulp-list] Qpid SSL on Pulp 2.4

On 10/24/2014 02:19 PM, Ashby, Jason (IMS) wrote:
> [messaging]
> url: ssl://
> cacert: /etc/pki/pulp/qpid/ca.crt
> clientcert: /etc/pki/pulp/qpid/client.crt

Is that cacert the cert that signed the certificate that qpid is
configured to use? And is that client cert signed by the CA that the
qpid server is configured to trust?

> [tasks]
> broker_url: qpid://
> celery_require_ssl: true
> cacert: /etc/pki/pulp/qpid/ca.crt
> keyfile: /etc/pki/pulp/qpid/client.crt
> certfile: /etc/pki/pulp/qpid/client.crt

Same questions here.


Information in this e-mail may be confidential. It is intended only for the addressee(s) identified above. If you are not the addressee(s), or an employee or agent of the addressee(s), please note that any dissemination, distribution, or copying of this communication is strictly prohibited. If you have received this e-mail in error, please notify the sender of the error.

More information about the Pulp-list mailing list