[rabbitmq-discuss] Broker accepts self-signed client certificate in verify_peer mode

[jiri at krutil.com]

I also believe that the default behaviour should be to reject client  
certs signed by an untrusted CA. I found the current functionality  
quite surprising and potentially dangerous.

Any chance of changing this in the "official" distribution of RabbitMQ?

Cheers
Jiri

> It's great that you've sent a solution, but it's not very pretty. As it is,
> I would consider SSL functionality broken and would put a big warning on the
> SSL howto page.