[rabbitmq-discuss] Create an encrypted SSL connection without having to verify certificate
Michael Klishin
mklishin at pivotal.io
Thu Jul 31 07:38:39 BST 2014
On 31 July 2014 at 10:23:35, Ankur5 C (ankur5.c at tcs.com) wrote:
> > I have successfully tested the ssl with validating certificates
> , but this one which is ssl without validating certificates hardly
> works , inspite of the fact that I have mentioned
>
> {ssl_options, [{verify,verify_none},
> > {fail_if_no_peer_cert,false}]}]}
>
> and restarted the server.
>
> Could you please try and execute this one at your end once. I guess
> there are some issues.
Honestly, I have doubts it is a RabbitMQ issue.
Test config:
https://gist.github.com/michaelklishin/574fac0a6bf8edbf74e7
Connection info (no certificate, using Bunny as a client):
https://gist.github.com/michaelklishin/a8b1c9437db4f4faebf2
Connection info (no certificate, using March Hare, which uses Java client under the hood):
https://gist.github.com/michaelklishin/f33cf7bf731b531ef842
Connection info (no certificate, using Langohr, which uses Java client under the hood):
https://gist.github.com/michaelklishin/d2c945087d4277880a6c
openssl s_client:
https://gist.github.com/michaelklishin/2b6d2724f0812de67224
4 different clients (2 base on the Java one), all successfully connect without
client certificates. Only one of them (s_client) performs peer verification.
--
MK
Staff Software Engineer, Pivotal/RabbitMQ
More information about the rabbitmq-discuss
mailing list