- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-22-2024 07:58 PM
I am trying to connect to Hermes Messaging Service using python kafka consumer. Could you please tell me how to get the files specified for the parameters ssl.ca.location, ssl.key.location, and ssl.certificate.location in kafka consumer?
I am struggling because keystore and truststore cannot be used in python. For ssl.ca.location set in kafka consumer, I specify the certificate downloaded from the instance, InstancePKI-Issuing-CA. For ssl.key.location and ssl.certification.location, I specify the key and certificate extracted from the keystore.
When connecting to the broker, the following error occurred.
"SSL handshake failed: error:0A000086:SSL routines::certificate verify failed: broker certificate could not be verified, verify that ssl.ca.location is correctly configured or root CA certificates are installed"
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-24-2024 01:56 AM
I found that the CA certificate I set for ssl.ca.location was wrong.
I created the pem file with following and set it to ssl.ca.location.
download ipki ca certificate from ServiceNow Instance.(saved as ipki-ca.pem)
download entrust g2 ca certificate from Entrust site. (saved as entrust_g2_ca.cer)
combine these certificate into one pem file. (cat ipki-ca.pem entrust_g2_ca.cer >> ca.pem)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-24-2024 01:28 AM
I have no experience myself, try to check for this thread:
https://www.servicenow.com/community/telecom-blog/how-to-post-topics-using-hermes-kafka-messaging-an...
Or ServiceNow official documentations:
https://docs.servicenow.com/bundle/xanadu-servicenow-platform/page/administer/hermes-messaging-servi...
https://docs.servicenow.com/bundle/vancouver-platform-security/page/administer/log-export-service/ta...
/* If my response wasn’t a total disaster ↙️ ⭐ drop a Kudos or Accept as Solution ✅ ↘️ Cheers! */
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-24-2024 01:56 AM
I found that the CA certificate I set for ssl.ca.location was wrong.
I created the pem file with following and set it to ssl.ca.location.
download ipki ca certificate from ServiceNow Instance.(saved as ipki-ca.pem)
download entrust g2 ca certificate from Entrust site. (saved as entrust_g2_ca.cer)
combine these certificate into one pem file. (cat ipki-ca.pem entrust_g2_ca.cer >> ca.pem)
