Help required to update key store password of certificate as a varaible in rabbitmq.conf #3796
Replies: 1 comment
-
|
Please, help us help you and let us know the following information:
You should be able to use the Note: the configuration will be written to a file in |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
Currently we are running Rabbit MQ with SSL with config file as below:
listeners.tcp.1 = IP:5672
listeners.ssl.default = 5671
ssl_options.cacertfile = /etc/rabbitmq/testca/DigiCertCA.crt
ssl_options.certfile = /etc/rabbitmq/testca/sitmiddleware_etransfercbx_cibc_com.crt
ssl_options.keyfile = /etc/rabbitmq/testca/sitmiddleware.etransfercbx.cibc.com.key
ssl_options.verify = verify_none
ssl_options.fail_if_no_peer_cert = false
ssl_options.password = *************
auth_mechanisms.1 = PLAIN
auth_mechanisms.2 = EXTERNAL
auth_mechanisms.3 = AMQPLAIN
management.tcp.port = 15672
management.ssl.port = 9443
management.ssl.cacertfile = /etc/rabbitmq/testca/DigiCertCA.crt
management.ssl.certfile = /etc/rabbitmq/testca/sitmiddleware_etransfercbx_cibc_com.crt
management.ssl.keyfile = /etc/rabbitmq/testca/sitmiddleware.etransfercbx.cibc.com.key
log.file = rabbit.log
log.dir = /var/log/rabbitmq/log
As you see we are giving keystore password(ssl_options.password = (***************) as a plain text which comes as a secrutiy risk so instead we wanted to store the password of keystore in azure secret and try to get the value of password as a environment variable from secrets and use the same environment variable in conf file instead directly specifying the keystore password
Will that be possible? If yes please share us the steps
Beta Was this translation helpful? Give feedback.
All reactions