[rabbitmq-discuss] RabbitMQ .Net Client connecting without a passphrase
Vinay Nayak
virus.vinay at gmail.com
Tue Apr 1 13:31:00 BST 2014
Hi,
We have managed to get an authenticate-authorise with server-client
certificates set-up on our RabbitMQ server.
However the fact that in the client code we pass a certificate with a key
(i.e. p12 file) and a passphrase to connect to the server makes us a little
uncomfortable.
The fact that we are passing a Passphrase implies that RabbitMQ uses the
passphrase to decrypt the p12 file, retrieve the key, use the key to get
the CA details from the certificate and then check if the CA is trusted or
not; instead of RabbitMQ contacting the CA server to verify the certificate
presented by the client.
The above can be absolute bollocks, if it is can someone please explain
what goes under the hood.
Also is there any way to connect from the client using certificates without
giving out too much sensitive information.
Thanks in advance!!
~Vinay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20140401/22f3793e/attachment.html>
More information about the rabbitmq-discuss
mailing list