[rabbitmq-discuss] Configuring Auth LDAP Backend using LDAP+SSL/TLS
Simon MacMullen
simon at rabbitmq.com
Thu Oct 24 10:43:18 BST 2013
Currently you can't set SSL options for LDAP connections, you can only
set {use_ssl, true} to make a connection without presenting a client
certificate. I guess this should be fixed.
Also you have {port, 389} which is unlikely to work as it's the non-SSL
port and I'm not at all convinced eldap (the underlying Erlang LDAP
library) supports StartTLS.
So the only configuration that could work at the moment is
{use_ssl, true},
{port, 636}
Cheers, Simon
On 23/10/13 19:20, Carl Corliss wrote:
> Greetings,
>
> I've been using RabbitMQ for a while now though this is my first
> time attempting to use the LDAP authentication backend plugin. I have
> a requirement to use SSL/TLS for LDAP connections (openldap ssf:
> simple_bind=128 update_ssf=128), so either LDAPS:// or
> LDAP://+starttls. However, from what I can tell, the plugin isn't
> talking to LDAP using SSL/TLS so ldap based logins are failing.
>
> Based on the documentation, which I could very well be
> misinterpreting, I setup the use_ssl option using ssl_options as a
> guide, however that doesn't appear to be working.
>
> You can see my settings, and log output here:
>
> https://gist.github.com/rabbitt/cf2d42a011cff8bfe188
>
> Any suggestions/help/criticism is greatly appreciated!
>
> Thanks in advance!,
>
> --
> Carl P. Corliss
> _______________________________________________
> rabbitmq-discuss mailing list
> rabbitmq-discuss at lists.rabbitmq.com
> https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss
>
--
Simon MacMullen
RabbitMQ, Pivotal
More information about the rabbitmq-discuss
mailing list