[rabbitmq-discuss] Create an encrypted SSL connection without having to verify certificate

Michael Klishin mklishin at pivotal.io
Thu Jul 31 07:02:46 BST 2014

On 31 July 2014 at 09:59:23, Ankur5 C (ankur5.c at tcs.com) wrote:
> > Would request you to please let me know how one can instruct rabbitmq  
> not verify peer and use the one connect without validating certificates  
> ?
> My config file:
> [{rabbit, [{tcp_listeners, [5672]},{ssl_listeners, [5671]},  
> {ssl_options, [{cacertfile,"/etc/rabbitmq/testca/cacert.pem"},  
> {certfile,"/etc/rabbitmq/server/cert.pem"},
> {keyfile,"/etc/rabbitmq/server/key.pem"},
> {verify,verify_none},
> {fail_if_no_peer_cert,false}]}]}
> ].

This is all you need.

This line

means "perform no peer verification" (don't check that the client
is who it claims to be), while


means "don't even bother checking if the client has a certificate".

With this configuration


is all you need to do in the Java client to make it use TLS (technically, SSLv3). 

Staff Software Engineer, Pivotal/RabbitMQ

More information about the rabbitmq-discuss mailing list