[rabbitmq-discuss] rabbitmq_auth_mechanism_ssl limitations

• Previous message: [rabbitmq-discuss] rabbitmq_auth_mechanism_ssl limitations
• Next message: [rabbitmq-discuss] rabbitmq_auth_mechanism_ssl limitations
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Massimo,

On 13/07/11 09:31, Massimo Paladin wrote:
> We have been using serialized DNs for years in ActiveMQ and we didn't
> have problems.

But is ActiveMQ definitely performing DN matching by string comparison? 
Or is it perhaps doing a fully-fledged ASN.1 structural comparison 
following the rules of DN equivalence set out by the various RFCs?

> Usually we get the DN and we just add it to the configuration.

How do you "get the DN"? For example, openssl displays the DN in the 
wrong form by default - one needs to add the "-nameopt RFC2253" switch 
to get an RFC-compliant representation. And even then it's only rfc2253, 
not the more recent rfc4514; though I have no idea what the difference is.

Matthias.

• Previous message: [rabbitmq-discuss] rabbitmq_auth_mechanism_ssl limitations
• Next message: [rabbitmq-discuss] rabbitmq_auth_mechanism_ssl limitations
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]