[rabbitmq-discuss] client cert & user/pass authentication

• Previous message: [rabbitmq-discuss] client cert & user/pass authentication
• Next message: [rabbitmq-discuss] Porting .NET client to WinRT API (Windows 8).
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I'm afraid that's not possible at the moment. I'm not sure whether the 
Erlang SSL API lets us determine programmatically whether there is a 
client cert and it has been verified. We'll look into this.

Cheers, Simon

On 07/05/13 15:58, Warren Smith wrote:
>
> I'm using the rabbitmq-auth-mechanism-ssl plugin to authenticate
> clients using certificates that the clients present. This is working
> well, but for convenience, I'd also like to allow a few users to
> authenticate using a username/password over an ssl connection.
>
> rabbitmq-auth-mechanism-ssl requires that the ssl_options in the the
> rabbitmq.config include {fail_if_no_peer_cert,true}, so user/pass
> authentication can't be performed. If I try to set it to false, the
> client certificate seems to be ignored.
>
> I have {auth_mechanisms, ['PLAIN', 'AMQPLAIN', 'EXTERNAL']} in the
> rabbitmq.config and users can authenticate over tcp with a user/pass,
> but I'd prefer that they use ssl. Is there a configuration that would
> allow me to support both client certificate and username/password
> authentication over ssl?
>
>
> Thanks,
>
>
> Warren
>
> _______________________________________________ rabbitmq-discuss
> mailing list rabbitmq-discuss at lists.rabbitmq.com
> https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss
>


-- 
Simon MacMullen
RabbitMQ, Pivotal

• Previous message: [rabbitmq-discuss] client cert & user/pass authentication
• Next message: [rabbitmq-discuss] Porting .NET client to WinRT API (Windows 8).
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]