[rabbitmq-discuss] Certificate with more than one intermediate CA

Karras, Thomas KarrasT at Pragmatics.com
Mon Apr 28 14:12:00 BST 2014



I have a question regarding a certificate with more than one
intermediate CA and the RabbitMQ federation plugin. We have successfully
been using the SSL connection setup with certificates with a single CA
but a new security requirement is forcing us to switch to a certificate
with 2 intermediary CA's. 


We are running into SSL errors when switching to this new cert with it
printing "unknown POSIX error". We believe this is related to the depth
setting in the erlang ssl_options section. We added the depth=2 option
since the documentation states that the default is 1. Setting this on
both servers did not fix the error. Does this setting need to be set
somehow on the client connection the federation plugin creates? I could
not find a way to specify client ssl_options for the federation plugin.


The new certs work fine with all the openssl tests on the SSL
troubleshooting page.




Thomas Karras 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20140428/c42d9d13/attachment.html>

More information about the rabbitmq-discuss mailing list