Friday, April 4, 2014

RabbitMQ, .NET and SSL: it can actually be easy!

So in my previous post I explained my troubles with RabbitMQ, a .NET client application and an SSL connection. I got it to work eventually.
As I was playing around with a local install of RabbitMQ I remembered one of the server settings which had triggered a "I should look into this later" thought earlier. It was the SSL option "verify".
Now, according to the RabbitMQ SSL setup guide, this value should be set to "verify_peer". I wanted to know what other options are valid and what they do. So a Google later I found out there is another valid value: "verify_none".
Three guesses what this does? Yes, indeed, it removes the requirement of needing a client SSL certificate. *sigh*. Things we would've liked to have known two days earlier....

So anyway, setting this option means you connect to the RabbitMQ server just like you would to a web site. The connection is protected by SSL and the client doesn't need it's own SSL certificate. So if protecting the communication is the only thing you care about, this settings makes your life a lot easier. Now all you need to do is use an "AMQP://" connection string for an unencrypted connection, or an "AMQPS://" connection string for an SSL protected connection. No other settings are needed on the client side.