amqp / rhea

A reactive messaging library based on the AMQP protocol
Apache License 2.0

Cannot use rhea in mutual TLS authentication. #249

Closed andrealmeidap closed 5 years ago

andrealmeidap commented 5 years ago

I am attempting to use rhea to connect over AMQP using TLS to a server running ActiveMQ Artemis. When I set ActiveMQ to NOT request the client certificate I can connect my application, but when I set ActiveMQ to request the client certificate I get the following error on ActiveMQ: javax.net.ssl.SSLHandshakeException: Empty server certificate chain. I saw that this same error happens when I do not specify any file in the nested object tls:{key: , cert: , ca:}. So it seems that rhea cannot send my certificate when the server requests it. Here are the connection options that I am using:

    container.connection = container.connect({
        host: '192.168.88.171',
        port: 5672,
        transport: 'tls',
        tls: {
            key: fs.readFileSync(path.resolve('/home/andre/ssl/client.key')),
            cert: fs.readFileSync(path.resolve('/home/andre/ssl/client.pem')),
            ca: fs.readFileSync(path.resolve('/home/andre/ssl/cacert.pem'))
        },
        rejectUnauthorized: false
    });

Do you have any idea why this is happening?

Thanks in advance!

grs commented 5 years ago

There is no nested 'tls' object. The key, cert and ca's are at the same level as host/port. There is an example here: https://github.com/amqp/rhea/blob/master/examples/tls/tls_client.js#L37

andrealmeidap commented 5 years ago

Thank you very much @grs! Maybe it would be nice to update the README.md, where it mentions the nested object...

tls (a nested object with fields key, cert, ca for paths to corresponding files)

grs commented 5 years ago

@andrealmeidap that refers to the config file which shares a format with the Apache Qpid proton client libraries for convenience. I agree it looks a little confusing as the tls options aren't mentioned in the connect options proper. I have pushed a change that hopefully clarifies that a little.
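
An added example, not part of the thread or of rhea's code: a small check for the mistake discussed above, where TLS material placed in a nested `tls` object is not used by `connect()` and no client certificate is presented. The function names and sample buffers are constructed for illustration, and the check assumes rhea hands the top-level options to Node's `tls.connect()`.

```javascript
'use strict';
// Assumption: only top-level key/cert/ca/rejectUnauthorized reach Node's tls.connect().
const TLS_FIELDS = ['key', 'cert', 'ca'];

// Return findings for a connect() options object (hypothetical helper).
function lintConnectOptions(opts) {
  const findings = [];
  if (opts.tls && typeof opts.tls === 'object') {
    const misplaced = TLS_FIELDS.filter((f) => opts.tls[f] !== undefined);
    findings.push({ id: 'nested-tls',
      detail: `not used by connect(): tls.{${misplaced.join(',')}}` });
  }
  if (opts.transport === 'tls') {
    if (opts.key === undefined || opts.cert === undefined) {
      findings.push({ id: 'no-client-cert',
        detail: 'no top-level key/cert to present when the broker requests a client certificate' });
    }
    if (opts.rejectUnauthorized === false) {
      findings.push({ id: 'server-unverified',
        detail: 'a broker certificate that fails verification against ca is still accepted' });
    }
  }
  return findings;
}

// Hoist key/cert/ca out of a nested tls object; existing top-level values win.
function flattenTlsOptions(opts) {
  const { tls: nested, ...fixed } = opts;
  if (!nested || typeof nested !== 'object') return fixed;
  for (const f of TLS_FIELDS) {
    if (nested[f] !== undefined && fixed[f] === undefined) fixed[f] = nested[f];
  }
  return fixed;
}

// Constructed stand-in for the options in the issue (buffers replace the PEM files).
const fromIssue = {
  host: '192.168.88.171', port: 5672, transport: 'tls',
  tls: {
    key: Buffer.from('constructed-key'),
    cert: Buffer.from('constructed-cert'),
    ca: Buffer.from('constructed-ca'),
  },
  rejectUnauthorized: false,
};

for (const f of lintConnectOptions(fromIssue)) console.log(`${f.id}: ${f.detail}`);
const flattened = flattenTlsOptions(fromIssue);
console.log(lintConnectOptions(flattened).map((f) => f.id));
```

After flattening, the only remaining finding is `server-unverified`, which clears once `rejectUnauthorized` is left at its default with a correct `ca`.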