Hi @Tamimi , Thanks for your prompt response.
I tried both the ways,
- Transport security stratergy :
With the certificate we have, we generated a .pem file. it holds ENCRYPTED PRIVATE KEY and 3 CERTIFICATES
I defined Transport security stratergy as below
transport_security_strategy = TLS.create().with_certificate_validation(True, False, “C:\Users\XXXX\Desktop\IMFT\certificates\”)
and message service as below,
messaging_service = MessagingService.builder().from_properties(broker_props)\ .with_reconnection_retry_strategy(RetryStrategy.parametrized_retry(20,3))\ .with_transport_security_strategy(transport_security_strategy)\ .build(broker_props[‘application_id’])
When i run i face below exception
2022-04-26 10:29:50,865 [WARNING] solace.messaging.connections: [messaging_service.py:1073] Parent propert is not present so broker will ignore property: [‘solace.messaging.authentication.scheme.basic.username’]
2022-04-26 10:29:50,896 [ERROR] solace.messaging.core: [_solace_session.py:665] [[SERVICE: 0x1eca3f6exxx] - [APP ID: 1234-TEST]] SOLCLIENT_SUBCODE_FAILED_LOADING_CERTIFICATE_AND_KEY
2022-04-26 10:29:50,896 [ERROR] solace.messaging.core: [_solace_session.py:674] [[SERVICE: 0x1eca3f6exxx] - [APP ID: 1234-TEST]] SESSION CREATION UNSUCCESSFUL. Failed to load certificate.
Traceback (most recent call last):
File “TLS_connection.py”, line 75, in
messaging_service = MessagingService.builder().from_properties(broker_props)
File “C:\Users\python-3.8.5-embed-amd64\lib\site-packages\solace\messaging\messaging_service.py”, line 1047, in build
return _BasicMessagingService(config=self._stored_config, application_id=application_id)
File “C:\Users\python-3.8.5-embed-amd64\lib\site-packages\solace\messaging\messaging_service.py”, line 548, in init
self._api.create_session(self._config) # create the session as part of Messaging Service build process
File “C:\Users\python-3.8.5-embed-amd64\lib\site-packages\solace\messaging\core_solace_session.py”, line 675, in create_session
raise PubSubPlusCoreClientError(message= FAILED_TO_LOADING_CERTIFICATE_AND_KEY , sub_code=info_sub_code)
solace.messaging.errors.pubsubplus_client_error.PubSubPlusCoreClientError: SESSION CREATION UNSUCCESSFUL. Failed to load certificate. but all nessacry cetificates are kept in C:\Users\XXXX\Desktop\IMFT\certificates\ path.
2) Authentication strategy :
authentication_strategy = ClientCertificateAuthentication.of(“C:\Users\XXXX\Desktop\IMFT\certificates\Organization-SSL-CA-G1-SHA2.cer”,“C:\Users\XXXX\Desktop\IMFT\certificates\Private.key”,“abcd”)
.with_certificate_and_key_pem(“C:\Users\XXXX\Desktop\IMFT\certificates\Test\server.pem”)
.with_private_key_password(“abcd”)
and message service as
messaging_service = MessagingService.builder().from_properties(broker_props)
.with_authentication_strategy(authentication_strategy)
.build(broker_props[‘application_id’])
when I run I face below exception
2022-04-26 10:54:19,629 [WARNING] solace.messaging.connections: [messaging_service.py:1073] Parent propert is not present so broker will ignore property: [‘solace.messaging.authentication.scheme.basic.username’]
2022-04-26 10:54:19,730 [WARNING] solace.messaging.core: [_solace_session.py:845] [[SERVICE: 0x226ea17e310] - [APP ID: 1234-TEST]] SESSION CREATION UNSUCCESSFUL. Failed to load certificate. {‘caller_description’: ‘do_connect’, ‘return_code’: ‘Fail’, ‘sub_code’: ‘SOLCLIENT_SUBCODE_FAILED_LOADING_CERTIFICATE_AND_KEY’, ‘error_info_sub_code’: 102, ‘error_info_contents’: “Failed to add the private key from file ‘C:\Users\XXXX\Desktop\IMFT\certificates\Test\server.pem’, session ‘(c0,s1)_vpn-imft’”}
Traceback (most recent call last):
File “TLS_connection.py”, line 86, in
messaging_service.connect()
File “C:\Users\python-3.8.5-embed-amd64\lib\site-packages\solace\messaging\messaging_service.py”, line 615, in connect
connect_status = self._api._session_connect()
File “C:\Users\python-3.8.5-embed-amd64\lib\site-packages\solace\messaging\core_solace_session.py”, line 546, in _session_connect
return self.__do_connect()
File “C:\Users\python-3.8.5-embed-amd64\lib\site-packages\solace\messaging\core_solace_session.py”, line 833, in __do_connect
self.__handle_exception_message(return_code=return_code, caller_desc=‘do_connect’)
File “C:\Users\python-3.8.5-embed-amd64\lib\site-packages\solace\messaging\core_solace_session.py”, line 846, in __handle_exception_message
raise PubSubPlusCoreClientError(message=f’{ FAILED_TO_LOADING_CERTIFICATE_AND_KEY } {core_exception_msg}',
solace.messaging.errors.pubsubplus_client_error.PubSubPlusCoreClientError: SESSION CREATION UNSUCCESSFU L. Failed to load certificate. {‘caller_description’: ‘do_connect’, ‘return_code’: ‘Fail’, ‘sub_code’: ‘SOLCLIENT_SUBCODE_FAILED_LOADING_CERTIFICATE_AND_KEY’, ‘error_info_sub_code’: 102, ‘error_info_contents’: “Failed to add the private key from file ‘C:\Users\XXXX\Desktop\IMFT\certificates\Test\server.pem’, session ‘(c0,s1)_vpn-imft’”}
I defined all values for class ClientCertificateAuthentication as per the docs here .
I AM STUCK !!!