====== Rabbitmq ======
**General Information**
RabbitMQ is a cross platform message broker service.
* Official RabbitMQ Page: https://www.rabbitmq.com/
* RabbitMQ RPMs: https://www.rabbitmq.com/install-rpm.html
* Erlang/Rabbit Supported Versions Matrix: https://www.rabbitmq.com/which-erlang.html
* Erlang Downloads: https://bintray.com/rabbitmq/rpm/erlang
**Checklist**
* Distro(s): CentOS 7
* Additional Repo: EPEL
----
====== Installing ======
Installing RabbitMQ.
===== EL 7 =====
* RabbitMQ is available in the standard EL 7 EPEL repo
* Its dependency, erlang is also available via the EPEL
* Install from EPEL repoyum install rabbitmq-server
----
====== Configure ======
* Create certs directorymkdir -p /etc/rabbitmq/certs
* Copy your SSL certs into /etc/rabbitmq/certs/
* Create config filevim /etc/rabbitmq/rabbitmq.config
%% RabbitMQ-Server Configuration /etc/rabbitmq/rabbitmq.config
%% Disable SSLv3.0, TLSv1.0/1.1 support, and the default clear text tcp port (5672)
%% Specify ciphers so that we are not supporting 3DES(CBC)
[
{ssl, [{versions, ['tlsv1.2']}]},
{rabbit, [
{tcp_listeners, []},
{ssl_listeners, [5671]},
{ssl_options, [{cacertfile,"/etc/rabbitmq/certs/current-ca.crt"},
{certfile, "/etc/rabbitmq/certs/current-cert.crt"},
{keyfile, "/etc/rabbitmq/certs/current-key.key"},
{verify, verify_peer},
{fail_if_no_peer_cert, false},
{versions, ['tlsv1.2']},
{ciphers, [
{ecdhe_rsa,aes_256_gcm,null,sha384},
{ecdh_rsa,aes_256_gcm,null,sha384},
{dhe_rsa,aes_256_gcm,null,sha384},
{dhe_dss,aes_256_gcm,null,sha384},
{rsa,aes_256_gcm,null,sha384},
{ecdhe_rsa,aes_128_gcm,null,sha256},
{ecdh_rsa,aes_128_gcm,null,sha256},
{dhe_rsa,aes_128_gcm,null,sha256},
{dhe_dss,aes_128_gcm,null,sha256},
{rsa,aes_128_gcm,null,sha256}
]},
{honor_cipher_order, true},
{honor_ecc_order, true}
]}
]}
].
* To get the supported ciphers list on the rabbitmq server, executerabbitmqctl eval 'ssl:cipher_suites().'
* Start and enable the service
* EL 7systemctl start rabbitmq-server
systemctl enable rabbitmq-server
----