General Information
RabbitMQ is a cross platform message broker service.
Checklist
Installing RabbitMQ.
yum install rabbitmq-server
mkdir -p /etc/rabbitmq/certs
vim /etc/rabbitmq/rabbitmq.config %% RabbitMQ-Server Configuration /etc/rabbitmq/rabbitmq.config %% Disable SSLv3.0, TLSv1.0/1.1 support, and the default clear text tcp port (5672) %% Specify ciphers so that we are not supporting 3DES(CBC) [ {ssl, [{versions, ['tlsv1.2']}]}, {rabbit, [ {tcp_listeners, []}, {ssl_listeners, [5671]}, {ssl_options, [{cacertfile,"/etc/rabbitmq/certs/current-ca.crt"}, {certfile, "/etc/rabbitmq/certs/current-cert.crt"}, {keyfile, "/etc/rabbitmq/certs/current-key.key"}, {verify, verify_peer}, {fail_if_no_peer_cert, false}, {versions, ['tlsv1.2']}, {ciphers, [ {ecdhe_rsa,aes_256_gcm,null,sha384}, {ecdh_rsa,aes_256_gcm,null,sha384}, {dhe_rsa,aes_256_gcm,null,sha384}, {dhe_dss,aes_256_gcm,null,sha384}, {rsa,aes_256_gcm,null,sha384}, {ecdhe_rsa,aes_128_gcm,null,sha256}, {ecdh_rsa,aes_128_gcm,null,sha256}, {dhe_rsa,aes_128_gcm,null,sha256}, {dhe_dss,aes_128_gcm,null,sha256}, {rsa,aes_128_gcm,null,sha256} ]}, {honor_cipher_order, true}, {honor_ecc_order, true} ]} ]} ].
rabbitmqctl eval 'ssl:cipher_suites().'
systemctl start rabbitmq-server
systemctl enable rabbitmq-server