[rabbitmq-discuss] Question about disabling RabbitMQ SSL hostname check

Simon MacMullen simon at rabbitmq.com
Thu Mar 1 11:11:13 GMT 2012

On 01/03/12 03:24, Annie Chen wrote:
> I have question about how to disable hostname check in RabbitMQ SSL
> communication. I followed the SSL setup steps here:
> http://www.rabbitmq.com/ssl.html#keys-and-certs. I can run the
> Example2.java (ssl communication) without any issue.
> However, I have a special requirement. RabbitMQ does check if the CN
> in the client's certificate matches its hostname. I'm wondering if
> there's config in rabbitMQ that can disable the check. I imagine it
> would be similar to the
> "System.Net.Security.SslPolicyErrors.RemoteCertificateNameMismatch
> flags" mentioned in the instruction. Any idea or reference will be
> very helpful since I'm new to RabbitMQ. (My environment is MAC OSX
> 10.6.8, and use Macports to install rabbitMQ.)

Hi Annie.

I don't believe that the server does that check. It's not completely 
obvious how it even could (the client does not present its hostname).

Could you let me know what you're seeing that is not what you expect?

Cheers, Simon

Simon MacMullen
RabbitMQ, VMware

More information about the rabbitmq-discuss mailing list