我正在尝试将RabbitMQ设置为可通过SSL工作。
我已更改配置文件(/etc/rabbitmq/rabbitmq.config),如以下链接所述 https://www.rabbitmq.com/ssl.html至:
# Defaults to rabbit. This can be useful if you want to run more than one node
# per machine - RABBITMQ_NODENAME should be unique per erlang-node-and-machine
# combination. See the clustering on a single machine guide for details:
# http://www.rabbitmq.com/clustering.html#single-machine
#NODENAME=rabbit
# By default RabbitMQ will bind to all interfaces, on IPv4 and IPv6 if
# available. Set this if you only want to bind to one network interface or#
# address family.
#NODE_IP_ADDRESS=127.0.0.1
# Defaults to 5672.
#NODE_PORT=5672
listeners.ssl.default = 5671
ssl_options.cacertfile = /home/myuser/rootca.crt
ssl_options.certfile = /home/myuser/mydomain.com.crt
ssl_options.keyfile = /home/myuser/mydomain.com.key
ssl_options.verify = verify_peer
ssl_options.password = 1234
ssl_options.fail_if_no_peer_cert = false
我一直收到以下错误:
sudo rabbitmq-server
/usr/lib/rabbitmq/bin/rabbitmq-server: 15: /etc/rabbitmq/rabbitmq-env.conf: listeners.ssl.default: not found
如果删除上面的行,则会出现以下错误:
sudo rabbitmq-server
/usr/lib/rabbitmq/bin/rabbitmq-server: 17: /etc/rabbitmq/rabbitmq-env.conf: ssl_options.cacertfile: not found
值得一提的是,没有以上SSL配置,一切就可以正常工作。
能请你帮忙吗?
谢谢:)
答案 0 :(得分:1)
当您请求软件帮助时,务必始终声明要使用的软件版本是非常重要的。对于RabbitMQ,还必须提供所使用的Erlang版本和操作系统。
在您的情况下,您在/etc/rabbitmq/rabbitmq-env.conf中具有(注释掉)环境配置以及不正确的RabbitMQ配置。必须从rabbitmq-env.conf中删除以下几行,并将其放入/etc/rabbitmq/rabbitmq.conf文件中:
listeners.ssl.default = 5671
ssl_options.cacertfile = /home/myuser/rootca.crt
ssl_options.certfile = /home/myuser/mydomain.com.crt
ssl_options.keyfile = /home/myuser/mydomain.com.key
ssl_options.verify = verify_peer
ssl_options.password = 1234
ssl_options.fail_if_no_peer_cert = false
注意: RabbitMQ团队监视rabbitmq-users mailing list,并且有时仅在StackOverflow上回答问题。
答案 1 :(得分:0)
在 Rabbitmq.config 中更改以下内容以侦听 5673
listeners.ssl.default = 5673