[rabbitmq-discuss] Experimenting with release candidates: RabbitMQ 2.7.9

• Previous message: [rabbitmq-discuss] Experimenting with release candidates: RabbitMQ 2.7.9
• Next message: [rabbitmq-discuss] Experimenting with release candidates: RabbitMQ 2.7.9
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Simon MacMullen writes:
 > > The DN/CN issues were discussed recently, but I'll leave it to Simon to
 > > explain our position on that.
 > 
 > It defaults to doing the best impersonation it can of a DN produced by 
 > the OpenSSL's -nameopt RFC2253 [...]

Simon,

I confirm that this works fine in 2.8.0. However, the user that is required
(which name is the DN) also allows to login without SSL.

One solution would be to generate long random passwords for these dummy
users indicating which DNs are allowed but this looks like bricolage. What
about using the (currently underused) tags for this purpose? We could
imagine an "ssl" tag meaning "this user can only login via SSL"...

Cheers,

Lionel

• Previous message: [rabbitmq-discuss] Experimenting with release candidates: RabbitMQ 2.7.9
• Next message: [rabbitmq-discuss] Experimenting with release candidates: RabbitMQ 2.7.9
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]