mutual TLS and peer verification #188
Unanswered
GaneaIustin
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello
I'd like to know if it's possible to do mutual TLS from rmq and if so, if you can provide any info that is helpful.
I am currently in need to do a mutual TLS connection and as far as I tried, I can send the certificate along with the key as a p12 and the server will trust my client. But there seems to be no way to check the server from the client in iOS.
There are 2 examples for java and .net in the official docs and they both trust the certificate using the trust store, thing that's not possible on iOS as far as I am aware.
How is peer verification working on the client? As much as I set it on true and peer name is set to host or CN i'll get a kCFStreamErrorDomainSSL Code=-9807 error. In the written tests I found that uses TLS I didn't figure out how verifying the peer works.
Sample of how I connect:
let tlsOptions:RMQTLSOptions = RMQTLSOptions(peerName: "", verifyPeer: false, pkcs12: Manager.getCertificateManager().getCertificate(), pkcs12Password: "secretPw")
conn = RMQConnection(uri: "amqps://host:5671", tlsOptions: tlsOptions, delegate: RMQConnectionDelegateLogger())
Beta Was this translation helpful? Give feedback.
All reactions