[rabbitmq-discuss] Publisher Authentication
matthias at rabbitmq.com
Mon Sep 10 14:24:27 BST 2012
On 06/09/12 09:40, Rosa, Andrea (HP Cloud Services) wrote:
> Some months ago I tested the SASL EXTERNAL support for authenticate both
> clients and server, it worked well apart an issue with revoked certificates.
> It seems that the plugin was not able to verify a certificate against a
> CRL, and in my understanding (and if I remember correctly) that was a
> limitation due to SSL erlang library.
Correct - there is no built-in support for CRLs in the Erlang SSL libraries.
You should however be able to plug in your own CRL logic by supplying a
suitable verify_fun in the ssl configuration. See
More information about the rabbitmq-discuss