<div dir="ltr">On Tue, Aug 27, 2013 at 6:20 PM, David van Geest <span dir="ltr"><<a href="mailto:davidv@spindance.com" target="_blank">davidv@spindance.com</a>></span> wrote:<div class="gmail_extra"><div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div dir="ltr"><div><br></div><div>If a client connects to RabbitMQ using TLS, and client certificates are required by RabbitMQ, will RabbitMQ or Erlang/OTP attempt to match the CN on the client certificate with the client's hostname? Does it attempt to match the client certificate CN with anything at all?</div>
<div><br></div></div></blockquote><div><br></div><div>Reading a bit more, it seems like the CN only matters if you are using rabbitmq-auth-mechanism-ssl which will attempt to match the certificate CN vs the user database in question. If you are using some other SASL mechanism (say, PLAIN), the CN does not matter. Correct?</div>
</div>
</div></div>