[rabbitmq-discuss] Shovel from a user with a Password with @ symbol
Dushin Fred
fred at dushin.net
Wed Feb 6 12:36:52 GMT 2013
On Feb 4, 2013, at 12:51 PM, Simon MacMullen <simon at rabbitmq.com> wrote:
>
> But you can use public key encryption - if you set up a bunch of SSL certs you can have clients authenticated by their client certificates, see:
>
> http://hg.rabbitmq.com/rabbitmq-auth-mechanism-ssl/file/rabbitmq_v3_0_2/README
>
> and then specify auth_mechanism=external in URIs and you no longer need a password. (Hmm, the docs for that should be... more findable.)
One other thing I found is that I had to add the 'EXTERNAL' atom to the auth_mechanisms property for the rabbit application in my rabbitmq.conf file, e.g.,
{auth_mechanisms, ['PLAIN', 'AMQPLAIN', 'EXTERNAL']}
which I don't think is in the README. (Am I right about that? I have two brokers doing mutual auth through the shovel, and I couldn't get them to accept an SSL connection without that setting.)
It's probably obvious to the initiated, but I hadn't gone through the mechanics of the auth_mechanisms property when I set it up.
-Fred
More information about the rabbitmq-discuss
mailing list