mutual TLS and peer verification #188
Unanswered
GaneaIustin
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hello
I'd like to know if it's possible to do mutual TLS from rmq and if so, if you can provide any info that is helpful.
I am currently in need to do a mutual TLS connection and as far as I tried, I can send the certificate along with the key as a p12 and the server will trust my client. But there seems to be no way to check the server from the client in iOS.
There are 2 examples for java and .net in the official docs and they both trust the certificate using the trust store, thing that's not possible on iOS as far as I am aware.
How is peer verification working on the client? As much as I set it on true and peer name is set to host or CN i'll get a kCFStreamErrorDomainSSL Code=-9807 error. In the written tests I found that uses TLS I didn't figure out how verifying the peer works.
Sample of how I connect:
let tlsOptions:RMQTLSOptions = RMQTLSOptions(peerName: "", verifyPeer: false, pkcs12: Manager.getCertificateManager().getCertificate(), pkcs12Password: "secretPw")
conn = RMQConnection(uri: "amqps://host:5671", tlsOptions: tlsOptions, delegate: RMQConnectionDelegateLogger())
Beta Was this translation helpful? Give feedback.
All reactions