FreeKB - RabbitMQ SSL/TLS
RabbitMQ - SSL/TLS

The RabbitMQ configuration file, which by default is located at /etc/rabbitmq/rabbitmq.conf, will list the location of the Certificate Authority (CA) file, server certificate file, and private key file.

If the conf file in in the INI format, something like this should be displayed.

ssl_options.cacertfile = /path/to/ca.pem
ssl_options.certfile   = /path/to/certificate.pem
ssl_options.keyfile    = /path/to/key.pem

 

If the rabbitmq.conf file is in YAML format, and SSL is disabled, something like this should be defined.

{use_ssl, false}

 

On the other hand, if SSL is enabled, something like this should be defined.

[
  {rabbit, [{ssl_options, [{cacertfile,           "/path/to/ca.pem"},
                           {certfile,             "/path/to/certificate.pem"},
                           {keyfile,              "/path/to/key.pem"},
                           {verify,               verify_peer},
                           {fail_if_no_peer_cert, true}]}]}
].

 

The cat command (on Linux) can be used to view the content of each file, which should return something like this.

]# cat certificate.pem
-----BEGIN CERTIFICATE-----
MIIG2zCCBcOgAwIBAgITFwAFD6 . . .
-----END CERTIFICATE-----

 

The openssl command with the X509, -text, and -noout options can be used to view the actual certificate data.

openssl x509 -text -noout -in certificate.pem

 

Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter 66861 in the box below so that we can be sure you are a human.




Comments

Web design by yours truely - me, myself, and I   |   jeremy.canfield@freekb.net   |