[rabbitmq-discuss] client cert & user/pass authentication

Warren Smith wsmith at tacc.utexas.edu
Tue May 7 15:58:50 BST 2013

I'm using the rabbitmq-auth-mechanism-ssl plugin to authenticate clients using certificates that the clients present. This is working well, but for convenience, I'd also like to allow a few users to authenticate using a username/password over an ssl connection.

rabbitmq-auth-mechanism-ssl requires that the ssl_options in the the rabbitmq.config include {fail_if_no_peer_cert,true}, so user/pass authentication can't be performed. If I try to set it to false, the client certificate seems to be ignored.

I have {auth_mechanisms, ['PLAIN', 'AMQPLAIN', 'EXTERNAL']} in the rabbitmq.config and users can authenticate over tcp with a user/pass, but I'd prefer that they use ssl. Is there a configuration that would allow me to support both client certificate and username/password authentication over ssl?



More information about the rabbitmq-discuss mailing list