[rabbitmq-discuss] Broker accepts self-signed client certificate in verify_peer mode

jiri at krutil.com jiri at krutil.com
Wed Aug 11 18:04:31 BST 2010


I also believe that the default behaviour should be to reject client  
certs signed by an untrusted CA. I found the current functionality  
quite surprising and potentially dangerous.

Any chance of changing this in the "official" distribution of RabbitMQ?

Cheers
Jiri

> It's great that you've sent a solution, but it's not very pretty. As it is,
> I would consider SSL functionality broken and would put a big warning on the
> SSL howto page.



More information about the rabbitmq-discuss mailing list