Show pageOld revisionsBacklinksBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. ====== Rabbitmq ====== **General Information** RabbitMQ is a cross platform message broker service. * Official RabbitMQ Page: https://www.rabbitmq.com/ * RabbitMQ RPMs: https://www.rabbitmq.com/install-rpm.html * Erlang/Rabbit Supported Versions Matrix: https://www.rabbitmq.com/which-erlang.html * Erlang Downloads: https://bintray.com/rabbitmq/rpm/erlang **Checklist** * Distro(s): CentOS 7 * Additional Repo: EPEL ---- ====== Installing ====== Installing RabbitMQ. ===== EL 7 ===== * RabbitMQ is available in the standard EL 7 EPEL repo * Its dependency, erlang is also available via the EPEL * Install from EPEL repo<code bash>yum install rabbitmq-server</code> ---- ====== Configure ====== * Create certs directory<code bash>mkdir -p /etc/rabbitmq/certs</code> * Copy your SSL certs into /etc/rabbitmq/certs/ * Create config file<code bash>vim /etc/rabbitmq/rabbitmq.config %% RabbitMQ-Server Configuration /etc/rabbitmq/rabbitmq.config %% Disable SSLv3.0, TLSv1.0/1.1 support, and the default clear text tcp port (5672) %% Specify ciphers so that we are not supporting 3DES(CBC) [ {ssl, [{versions, ['tlsv1.2']}]}, {rabbit, [ {tcp_listeners, []}, {ssl_listeners, [5671]}, {ssl_options, [{cacertfile,"/etc/rabbitmq/certs/current-ca.crt"}, {certfile, "/etc/rabbitmq/certs/current-cert.crt"}, {keyfile, "/etc/rabbitmq/certs/current-key.key"}, {verify, verify_peer}, {fail_if_no_peer_cert, false}, {versions, ['tlsv1.2']}, {ciphers, [ {ecdhe_rsa,aes_256_gcm,null,sha384}, {ecdh_rsa,aes_256_gcm,null,sha384}, {dhe_rsa,aes_256_gcm,null,sha384}, {dhe_dss,aes_256_gcm,null,sha384}, {rsa,aes_256_gcm,null,sha384}, {ecdhe_rsa,aes_128_gcm,null,sha256}, {ecdh_rsa,aes_128_gcm,null,sha256}, {dhe_rsa,aes_128_gcm,null,sha256}, {dhe_dss,aes_128_gcm,null,sha256}, {rsa,aes_128_gcm,null,sha256} ]}, {honor_cipher_order, true}, {honor_ecc_order, true} ]} ]} ]. </code> * To get the supported ciphers list on the rabbitmq server, execute<code bash>rabbitmqctl eval 'ssl:cipher_suites().'</code> * Start and enable the service * EL 7<code bash>systemctl start rabbitmq-server systemctl enable rabbitmq-server</code> ---- linux_wiki/rabbitmq.txt Last modified: 2019/05/25 23:50(external edit)