If anyone does end up writing the code to do this, I'd be interested if you want to share. As an aside, OCSP checks would also be awesome :-P<div><br></div><div>Thanks,</div><div><br clear="all">Mark Steele<br>Bering Media Inc.<br>
<div><br></div><div class="gmail_quote">On Thu, Aug 4, 2011 at 6:54 AM, Rosa, Andrea <span dir="ltr"><<a href="mailto:andrea.rosa@hp.com">andrea.rosa@hp.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Hi Matthias<br>
<br>
Thank you for your reply.<br>
Regards<br>
--<br>
<font color="#888888">Andrea<br>
</font><div><div></div><div class="h5"><br>
> As suggested in response to your question in erlang-questions, you can<br>
> define your own cert verification function with the verify_fun ssl<br>
> option and have that perform all the checks you need. The erlang ssl<br>
> docs (<a href="http://www.erlang.org/doc/man/ssl.html" target="_blank">http://www.erlang.org/doc/man/ssl.html</a>) for verify_fun describe<br>
> how that function should behave.<br>
><br>
> To hook your verification function into rabbit (nb: this is untested)<br>
> ...<br>
><br>
> 1) write an erlang module containing (and exporting) that function<br>
><br>
> 2) In the rabbit/ssl_options section of the rabbitmq.config, add an<br>
> entry {verify_fun, {YourModuleName, YourFunctionName}}.<br>
><br>
><br>
> Regards,<br>
><br>
> Matthias.<br>
_______________________________________________<br>
rabbitmq-discuss mailing list<br>
<a href="mailto:rabbitmq-discuss@lists.rabbitmq.com">rabbitmq-discuss@lists.rabbitmq.com</a><br>
<a href="https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss" target="_blank">https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss</a><br>
</div></div></blockquote></div><br></div>