[rabbitmq-discuss] does RabbitMQ or Erlang/OTP attempt to match the CN of a client TLS cert?

• Previous message: [rabbitmq-discuss] does RabbitMQ or Erlang/OTP attempt to match the CN of a client TLS cert?
• Next message: [rabbitmq-discuss] does RabbitMQ or Erlang/OTP attempt to match the CN of a client TLS cert?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Aug 27, 2013 at 6:20 PM, David van Geest <davidv at spindance.com>wrote:

>
> If a client connects to RabbitMQ using TLS, and client certificates are
> required by RabbitMQ, will RabbitMQ or Erlang/OTP attempt to match the CN
> on the client certificate with the client's hostname? Does it attempt to
> match the client certificate CN with anything at all?
>
>
Reading a bit more, it seems like the CN only matters if you are
using rabbitmq-auth-mechanism-ssl which will attempt to match the
certificate CN vs the user database in question. If you are using some
other SASL mechanism (say, PLAIN), the CN does not matter. Correct?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20130827/a0b53d6c/attachment.htm>

• Previous message: [rabbitmq-discuss] does RabbitMQ or Erlang/OTP attempt to match the CN of a client TLS cert?
• Next message: [rabbitmq-discuss] does RabbitMQ or Erlang/OTP attempt to match the CN of a client TLS cert?
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]