[rabbitmq-discuss] RabbitMQ MQTT plugin and x509 client certificate authentication

[Mark Wolfe]

Gday all

I am working on a project to use MQTT with RabbitMQ to a bunch of devices 
and I am looking to use x509 client certificate authentication.

I found a note from when the initial cut of the plugin was developed with a 
TODO for this.

My basic requirements are to verify some attributes (configurable matches 
for example OU=blah or O=blah ) in the certificate then extract the Subject 
DN and inject that into the MQTT username field.

Has anyone implemented x509 authentication with the other transports 
available for RabbitMQ? 

Thanks to advice from helpful people on twitter I will probably start with 
a simple tcp server based example to ensure my certificates will work with 
Erlang then take a shot at integrating it into the RabbitMQ MQTT plugin.

If anyone has any tips or links other projects or code which does this sort 
of thing it would be much appreciated.

In addition to client certificate authentication I am also interesting in 
implementing some of the bridge related enhancements currently being 
trailed in mosquitto but that is not high on my agenda at the moment. Note 
I know these are NOT in the standard yet however they are useful.

Thanks.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20131112/a2248a29/attachment.htm>