Enabling Https in management console- RabbitMQ3.8.1 windows 10 erlang 22.1 #2442
-
|
I am trying to enable the HTTPS in RabbitMQ version 3.8.x. I am getting the error message openssl genrsa -des3 -out myCA.key 2048 C:>openssl req -x509 -new -nodes -key myCA.key -sha256 -days 6000 -out myCA.pem C:>openssl pkcs12 -in C:\xxxxx.pfx -nocerts -out key.pem -nodes Step 4: C:>openssl pkcs12 -in C:\xxxxx.pfx -nokeys -out cert.pem Step 5: C:>openssl rsa -in key.pem -out server.key Step 6: management.ssl.cacertfile="C://myCA.pem" management.ssl.certfile="C://cert.pem" management.ssl.keyfile="C://key.pem" More TLS optionsmanagement.ssl.honor_cipher_order = true management.ssl.honor_ecc_order = true management.ssl.client_renegotiation = false management.ssl.secure_renegotiate = true Supported TLS versionsmanagement.ssl.versions.1 = tlsv1.2 management.ssl.versions.2 = tlsv1.1 Cipher suites the server is allowed to usemanagement.ssl.ciphers.1 = ECDHE-ECDSA-AES256-GCM-SHA384 management.ssl.ciphers.2 = ECDHE-RSA-AES256-GCM-SHA384 management.ssl.ciphers.3 = ECDHE-ECDSA-AES256-SHA384 management.ssl.ciphers.4 = ECDHE-RSA-AES256-SHA384 management.ssl.ciphers.5 = ECDH-ECDSA-AES256-GCM-SHA384 management.ssl.ciphers.6 = ECDH-RSA-AES256-GCM-SHA384 management.ssl.ciphers.7 = ECDH-ECDSA-AES256-SHA384 management.ssl.ciphers.8 = ECDH-RSA-AES256-SHA384 management.ssl.ciphers.9 = DHE-RSA-AES256-GCM-SHA384 Step 7: Started the RabbitMQ server Throws below error **Config file generation failed: 17:37:46.028 [error] management.ssl.certfile invalid, file doesn/t exist or isn't readable 17:37:46.028 [error] management.ssl.keyfile invalid, file doesn/t exist or isn't readable 17:37:46.028 [error] management.ssl.cacertfile invalid, file doesn/t exist or isn't readable 17:37:46.035 [error] Error generating configuration in phase validation 17:37:46.035 [error] management.ssl.certfile invalid, file doesn/t exist or isn't readable 17:37:46.035 [error] management.ssl.keyfile invalid, file doesn/t exist or isn't readable 17:37:46.035 [error] management.ssl.cacertfile invalid, file doesn/t exist or isn't readable In case the setting comes from a plugin, make sure that the plugin is enabled. Alternatively remove the setting from the config. {"init terminating in do_boot",generate_config_file} init terminating in do_boot (generate_config_file)** |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments
-
|
The settings you are trying to use were introduced before 3.8 shipped so if they are not recognized, it means the management plugin is not enabled. The latest RabbitMQ release is |
Beta Was this translation helpful? Give feedback.
-
|
and instead of generating certificate/key pairs manually, consider using a tool that does it with all the important usage extensions taken into account. |
Beta Was this translation helpful? Give feedback.
-
|
Unmaking answers without any comments is not very helpful, in particular when you try to use a setting not available in |
Beta Was this translation helpful? Give feedback.
The settings you are trying to use were introduced before 3.8 shipped so if they are not recognized, it means the management plugin is not enabled.
The latest RabbitMQ release is
3.8.8, consider upgrading.