And one more difference in certificates:
[root@bdapmgmtsbx01 certs]# keytool -list -keystore /etc/candlepin/certs/amqp/candlepin.jks
Enter keystore password:
Keystore type: jks
Keystore provider: SUN
Your keystore contains 1 entry
amqp-client, Jan 31, 2020, PrivateKeyEntry,
Certificate fingerprint (SHA1): FB:19:FB:69:C3:C0:72:C1:A4:85:BB:3E:37:40:58:77:25:39:FE:5E
Warning:
The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore /etc/candlepin/certs/amqp/candlepin.jks -destkeystore /etc/candlepin/certs/amqp/candlepin.jks -deststoretype pkcs12".
[root@bdapmgmtsbx01 certs]# openssl x509 -noout -fingerprint -sha1 -inform pem -in /etc/pki/pulp/qpid/client.crt
SHA1 Fingerprint=F0:F3:4B:F2:B4:60:2D:EF:BB:2A:18:A0:ED:44:53:72:25:9C:FD:19
This actually means that certificate in candlepin keystore is different than required for Qpid.