Wildcard certificate verification issues
145 views
Skip to first unread message
lexi.e...@gmail.com
May 17, 2022, 11:45:14 AM5/17/22
to rabbitmq-users
Hi,
We've been installing RabbitMQ on various systems for a while now using wildcard certificates. We have recently come across one that doesn't seem to work. When using rabbitmqctl, rabbitmq-diagnostics etc. we get the classic "TCP connection succeeded but Erlang distribution failed". This only happens when we set verify_peer in the rabbitmq.config and inter_node_tls.config files. With verify_none it works fine, leading me to suspect that verification is failing. I have tried the troubleshooting commands in the tls troubleshooting docs and can't find any obvious issues. Is there any way I can get more information about what is failing the erlang verification with this certificate? The subject is of the format:
E = in...@domain.co.uk, CN = *.
domain.com, OU = Company, O = Company Ltd, L = Location, S = County, C = GB
It is directly signed by a CA with no intermediates.
Any help would be much appreciated,
Thanks,
Lexi
It is directly signed by a CA with no intermediates.
Any help would be much appreciated,
Thanks,
Lexi
lexi.e...@gmail.com
May 26, 2022, 8:48:27 AM5/26/22
to rabbitmq-users
Is there any extra information I can give that would enable someone to help with this?
Luke Bakken
May 26, 2022, 9:54:05 AM5/26/22
to rabbitmq-users
Hello,
We need to know the following:
- RabbitMQ version
- Erlang version
- Attach your complete RabbitMQ configuration file(s)
My guess is that you will have to configure SSL with the following verification function - https://github.com/vernemq/vernemq/issues/1485
Thanks,
Luke
Reply all
Reply to author
Forward
0 new messages