Hi -- the only way I can get the tools qpid-config and qpid-stat to talk to qpidd (the broker) is to turn off SASL, which I do with
qpidd --auth=no (.. other flags) Is it advisable / ok to do that, if you otherwise have a good, SSL dual-authentication certificate exchange working? I've tried with SASL on, and using both --sasl-mechanism=PLAIN and --sasl-mechanism=EXTERNAL, with no success. I can leave SASL on and get the same cross-authentication going from a simple C++ client (which uses EXTERNAL). Is this known about the tools - or is there something I'm missing? I've tried the tools both with the fully-(SASL)qualified url, eg: --broker=amqps://admin/morpho@localhost:5671 and without, and variations. And had the database set up I believe properly, too: # passwords both 'morpho' qpidd$ sudo sasldblistusers2 -f /var/lib/qpidd/qpidd.sasldb qpid-admin@QPID: userPassword admin@QPID: userPassword # system SASL + qpidd points to the above db sasl2$ less /etc/sasl2/qpidd.conf pwcheck_method: auxprop auxprop_plugin: sasldb sasldb_path: /var/lib/qpidd/qpidd.sasldb mech_list: ANONYMOUS DIGEST-MD5 EXTERNAL PLAIN I'm happy not to use SASL, I just wonder whether I've missed something. Thanks, Jeff
