[rabbitmq-discuss] RabbitMQ Federation & SSL
Simon MacMullen
simon at rabbitmq.com
Fri May 24 11:02:25 BST 2013
Hi. Are you setting the various SSL options in the URIs? See
http://www.rabbitmq.com/shovel.html#uris for the URI format. Federation
uses the AMQP client, which doesn't get its SSL options from the
configuration file.
Cheers, Simon
On 23/05/13 21:28, Eric Cozzi wrote:
> I am having an issue configuring Federation and passwordless-ssl login.
> Federation is using https. Seems if I enable the ssl config option
> {fail_if_no_peer_cert,true}, peer brokers get a SSL connection error
> when trying to establish the Federation. Even though I'm setting my SSL
> keys and certs in the rabbitmq config, I'm guessing that Federation
> isn't using the configured certs? Is there a way to configure the client
> and CA cert's to use with Federation?
>
> Eric
>
> Below is my (simplified) configuration.
>
> [
> {rabbit,
> [
> {hipe_compile, true},
> {tcp_listen_options,
> [binary,
> {packet,raw},
> {reuseaddr,true},
> {backlog,128},
> {nodelay,true},
> {exit_on_close,false}
> ]
> },
> {ssl_listeners, [5671]},
> {ssl_options, [{cacertfile,"/opt/cray/ssl/testca/cacert.pem"},
> {certfile,"/opt/cray/ssl/server-01/cert.pem"},
> {keyfile,"/opt/cray/ssl/server-01/key.pem"},
> {verify,verify_peer},
> {fail_if_no_peer_cert,false}
> ]
> }
> ]
> }
> ].
>
> _______________________________________________
> rabbitmq-discuss mailing list
> rabbitmq-discuss at lists.rabbitmq.com
> https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss
--
Simon MacMullen
RabbitMQ, Pivotal
More information about the rabbitmq-discuss
mailing list