[rabbitmq-discuss] RabbitMQ Federation & SSL
Eric Cozzi
n16483 at cray.com
Fri May 24 14:51:14 BST 2013
A-ha! That's exactly what I was missing. Thanks!
Eric
On 05/24/2013 05:02 AM, Simon MacMullen wrote:
> Hi. Are you setting the various SSL options in the URIs? See
> http://www.rabbitmq.com/shovel.html#uris for the URI format.
> Federation uses the AMQP client, which doesn't get its SSL options
> from the configuration file.
>
> Cheers, Simon
>
> On 23/05/13 21:28, Eric Cozzi wrote:
>> I am having an issue configuring Federation and passwordless-ssl login.
>> Federation is using https. Seems if I enable the ssl config option
>> {fail_if_no_peer_cert,true}, peer brokers get a SSL connection error
>> when trying to establish the Federation. Even though I'm setting my SSL
>> keys and certs in the rabbitmq config, I'm guessing that Federation
>> isn't using the configured certs? Is there a way to configure the client
>> and CA cert's to use with Federation?
>>
>> Eric
>>
>> Below is my (simplified) configuration.
>>
>> [
>> {rabbit,
>> [
>> {hipe_compile, true},
>> {tcp_listen_options,
>> [binary,
>> {packet,raw},
>> {reuseaddr,true},
>> {backlog,128},
>> {nodelay,true},
>> {exit_on_close,false}
>> ]
>> },
>> {ssl_listeners, [5671]},
>> {ssl_options, [{cacertfile,"/opt/cray/ssl/testca/cacert.pem"},
>> {certfile,"/opt/cray/ssl/server-01/cert.pem"},
>> {keyfile,"/opt/cray/ssl/server-01/key.pem"},
>> {verify,verify_peer},
>> {fail_if_no_peer_cert,false}
>> ]
>> }
>> ]
>> }
>> ].
>>
>> _______________________________________________
>> rabbitmq-discuss mailing list
>> rabbitmq-discuss at lists.rabbitmq.com
>> https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss
>
>
More information about the rabbitmq-discuss
mailing list