[rabbitmq-discuss] ssl certificate to client lookup

Nathaniel Haggard natester at gmail.com
Tue Jun 29 18:07:27 BST 2010

On Mon, Jun 28, 2010 at 11:46 PM, Lionel Cons <lionel.cons at cern.ch> wrote:
> Matthias Radestock writes:
>  > Couldn't you simply get the sender to sign the message and the recipient
>  > to verify the signature?
> This would work in the cases where we control the clients.
> Unfortunately, this is not always the case.
> In case something bad happens (invalid message, too many messages...),
> we want to know who sent the offending messages.

So do we.

If rabbitmqctl list_connections showed the ssl common name in
client_properties then we could find the queue by joining
list_connections output with list_queues output on pid and owner_pid
respectively.  If we found a misbehaving client we would revoke its
certificate; though, CRL was not supported as of last year
 Is it now?


Is client_properties where you plan to put the ssl information?


More information about the rabbitmq-discuss mailing list