[rabbitmq-discuss] LDAP SSL Configuration
Mark Soderquist
SoderquistMV at ldschurch.org
Wed May 14 20:27:05 BST 2014
I have now added ssl_options to my configuration:
{ssl_options, [{certfile, "/etc/rabbitmq/rabbitmq.pub"},
{keyfile, "/etc/rabbitmq/rabbitmq.key"}
]},
I believe this worked because I'm now getting a different error:
{exit,{ssl_options_requires_min_r16a}
I looked this up and it appears to be a version check. If I can read the code correctly it checks for version "5.10" which correlates to OTP release "R16A". I have version "5.9.2" installed which correlates to OTP release "R15B02". Clearly I have an older version than the SSL options support. Is this correct?
-----Original Message-----
From: Mark Soderquist
Sent: Tuesday, May 13, 2014 7:20 AM
To: 'Simon MacMullen'; Discussions about RabbitMQ
Subject: RE: [rabbitmq-discuss] LDAP SSL Configuration
Still just getting: LDAP connect error: {error,"connect failed"} Changing to {log, network} did not give me any more information.
I'm now going to assume that our LDAP server does not accept clients without certificates.
On 12/05/2014 21:59, Mark Soderquist wrote:
> I'm attempting to connect to our LDAP server over SSL instead of plain
> sockets. The plain socket configuration works but simply enabling the
> use_ssl flag and changing the port does not appear to be enough. What
> else is required to connect to an LDAP server using SSL?
I believe that simple configuration should be able to work assuming your LDAP server accepts clients without certificates.
> Here is my configuration:
> {log, true}
> The log simply reports a connection failure:
>
> =INFO REPORT==== 12-May-2014::14:28:41 ===
>
> LDAP connect error: {error,"connect failed"}
If you change {log, true} to {log, network} then you should get better diagnostics on failed connections.
Cheers, Simon
NOTICE: This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message.
More information about the rabbitmq-discuss
mailing list