Configure RabbitMQ To Use SSL

If your environment uses SSL, you must configure RabbitMQ to use SSL. If your environment does not use SSL, you can skip this task.

Do not configure RabbitMQ to use SSL unless the entire environment is configured to use SSL. Mixing SSL and non-SSL components in an environment can cause issues.

Before you begin this task, obtain the RabbitMQ certificate utility (rabbitCertCreation.ps1), the openssl.cnf file, and the RabbitMQ configuration file (advanced.config) from Uptivity Installation.

This task must be performed on all servers that will host RabbitMQ.

  1. Open Windows PowerShell and run the following command:

    Set-ExecutionPolicy RemoteSigned

  2. In PowerShell, navigate to the RabbitMQ certificate utility (rabbitCertCreation.ps1).
  3. Run the following command, inserting values specific to your installation for OpenSslPath, <computer_ name>, <key file password>, and <organization name> like in the following example (the path for "OpenSslPath" may vary depending on your configuration):

    ./rabbitCertCreation.ps1 -OpenSslPath "C:\Program Files\OpenSSL-Win64" -ca <cert_auth_name> -cn <computer_name> -password <key file password>

  4. Navigate to [Drive]:\RabbitMQ and create a folder named "certs". (The RabbitMQ folder is defined in the system variable for RABBITMQ_BASE.)
  5. Browse to the certificate files created in step 2 (.\server\cert.pem;.\server\key.pem; and .\testca\cacert.pem) and copy them to the "certs" folder created in step 3.
  6. Copy advanced.config to [Drive]:\RabbitMQ.
  7. Open advanced.config and verify that the settings match the location of the certificate files. Then, replace "KEY FILE PASSWORD" with the password that you set for your certificates back in step 2.
  8. Open an administrative command prompt and change to the RabbitMQ sbin directory similar to the following example (the path to the sbin folder may vary depending on your configuration):

    C:\Program Files (x86)\RabbitMQ Server\rabbitmq_server-<version number>\sbin\

  9. Open the settings.ini file. Under [rabbitmq1], change enablessl to true.
  10. Run the following commands:

    Rabbitmq-service.bat stop

    Rabbitmq-service.bat remove

    Rabbitmq-service.bat install

    Rabbitmq-service.bat start

 

<< Previous Task | Install Federated Exchanges

 

Next Task | Configure RabbitMQ Clusters >>