Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document using wildcard certificates for inter-node TLS #1791

Open
lukebakken opened this issue Jan 23, 2024 · 2 comments
Open

Document using wildcard certificates for inter-node TLS #1791

lukebakken opened this issue Jan 23, 2024 · 2 comments
Assignees
@lukebakken
Labels
enhancement

Comments

@lukebakken
Copy link
Contributor

lukebakken commented Jan 23, 2024
edited
Loading

Is your feature request related to a problem? Please describe.

rabbitmq/rabbitmq-server#10398

It's rare, but some users use wildcard certs for inter-node TLS. We should document the correct way to configure Erlang for this scenario.
@lukebakken lukebakken self-assigned this Jan 23, 2024
@cvuillemez
Copy link

Not only for inter-nodes. There is a lack of documentation for federation plugin too.
How to connect to a remote SSL cluster which have wildcard in SAN certificate ?
I tried to pass the following (properly url-encoded) setting in URI parameters :-S :

{customize_hostname_check, [
        {match_fun, public_key:pkix_verify_hostname_match_fun(https)}

@lukebakken
Copy link
Contributor Author

@cvuillemez in your case you are currently out of luck, and the solution is to not use wildcard certs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@lukebakken lukebakken

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lukebakken @cvuillemez