Connecting SSL Support to Rabbit MQ

The following steps outline the process of connecting SSL Support to RabbitMQ:

1. Edit the <Cache.../> string in InnovatorServerConfig.xml on Innovator Server. Add the following attributes:
   RabbitSslEnabled="true” - parameter turns TLS support on or off. It is off by default.
   RabbitSslCertPath="/path/to/client_key.p12" - path to the client’s certificate in PKCS#12 format.
   RabbitSslCertPassphrase="yourPassword” - If your certificate has a password, specify it here. If your certificate doesn’t have a password, leave it blank.
   RabbitSslServerName="SAN_RABBIT_HOST” - expects this to match the Subject Alternative Name (SAN) or Common Name (CN) on the certificate that the server sends over.

   Example blow:

   <Cache RabbitServiceHost="10.17.144.7" RabbitUser="innovator1" RabbitPassword="innovator” RabbitExchange="arasExchange_test” RabbitHostPort="5671" invalidation_broker_type="MessageQueueDependency” RabbitSslEnabled="true” RabbitSslCertPath="c:\Certificates\tls-gen\basic\nesult\client_SUP-2016-PERF.p12" RabbitSslCertPassphrase="innovator” RabbitSslServerName="SUP-2016-PERF"/>

2. Restart RabbitMQ.

3. Restart IIS on Innovator server.

1. Launch RabbitMQ UI client.
2. Log into the system.
3. Confirm that the new exchange is created with SSL / TLS similar to the image below.