🎄 Happy Holidays! 🥳
Most of Solace is closed December 24–January 1 so our employees can spend time with their families. We will re-open Thursday, January 2, 2024. Please expect slower response times during this period and open a support ticket for anything needing immediate assistance.
Happy Holidays!
Please note: most of Solace is closed December 25–January 2, and will re-open Tuesday, January 3, 2023.
Secure connection on Local Host
Hi,
I am using the Solace Software as a Docker container. I am able to establish a default connection (localhost:55555) and compressed connection (localhost:55003) with the broker.
For the secured connection, I enabled the port 55443 while running the container, but when I try to establish a secure connection it gives me an unable to connect error on socket error.
Please help me with how to establish a Secure Connection locally.
Thanks in advance!
Comments
-
Hi chaudharys,
1. have you configured a TLS server certificate for the Solace broker ? Without a server certificate, no TLS service is possible.
2. You have added the port 55443 to your enabled port list during docker run command ?How to add a TLS server certificate to a Solace broker: https://docs.solace.com/Configuring-and-Managing/Managing-Server-Certs.htm
1 -
Hi @chaudharys , Also remember to use tcps://broker:55443 in your connection string.
0 -
@uherbst Thanks for your help, I am new to security, can you help me with how I can download/create certificates for secure connections?
0 -
Hi @chaudharys, sure.
You need a TLS server certificate for that. You can use a selfsigned one or an external signed one - as you like.
You need a pem file, contents are "first the key, then the certificate".
You need to copy that pem file inside the docker container to /usr/sw/jail/certs/xxx.pem (you can name it as you like). Details how to copy files to the broker can you find here: https://solace.community/discussion/316/how-to-copy-files-to-from-a-solace-broker#latest
And finally, you have to configure this certificate as your server certificate. Inside the cli:enable configure ssl server-certificate xxx.pem (choose the same name as you copied the file)
0 -
Hi, I tried to create the certificate using tls-gen, but there is some issue with it. Can you help me with how to get a self signed or external signed certificate.
0 -
1
-
Hi, I was able to resolve my issues and establish the secure connection with localhost and cloud.
I have just restarted my container to continue working on solace. But now I am again facing an issue with the secure connection in localhostI am running my localhost as:
./farePub tcps://localhost:55443 default admin admin topic ../ssl
The error I am getting is:SDK NOTICE Thu Aug 19 18:47:26.741 2021 solClientOS.c:5942 (7f522324f700) TCP: Could not read from socket 7, error = Connection reset by peer (104) SDK NOTICE Thu Aug 19 18:47:26.742 2021 solClientSmf.c:7232 (7f522324f700) Read failed from transport 'TCP' of session '(c0,s1)_default' due to 'TCP: Could not read from socket 7, error = Connection reset by peer (104)', client name 'chaudharylin/6219/#00000001/69n7eehmiw', VPN name 'default', peer host 'localhost:55443' address 'IP 127.0.0.1', connection 'tcp_TxRx' local address 'IP 127.0.0.1:56032'
Please guide me with what the issue is.0