[rabbitmq-discuss] does RabbitMQ or Erlang/OTP attempt to match the CN of a client TLS cert?
David van Geest
davidv at spindance.com
Tue Aug 27 23:45:31 BST 2013
On Tue, Aug 27, 2013 at 6:20 PM, David van Geest <davidv at spindance.com>wrote:
>
> If a client connects to RabbitMQ using TLS, and client certificates are
> required by RabbitMQ, will RabbitMQ or Erlang/OTP attempt to match the CN
> on the client certificate with the client's hostname? Does it attempt to
> match the client certificate CN with anything at all?
>
>
Reading a bit more, it seems like the CN only matters if you are
using rabbitmq-auth-mechanism-ssl which will attempt to match the
certificate CN vs the user database in question. If you are using some
other SASL mechanism (say, PLAIN), the CN does not matter. Correct?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20130827/a0b53d6c/attachment.htm>
More information about the rabbitmq-discuss
mailing list