
How to use SSL on RabbitMQ with Docker Compose?

I'm running a RabbitMQ instance on Docker with this docker-compose.yml and no problem, it's working:

version: '3.7'
services:
  my-rabbit:
    image: imageAddress
    hostname: my-rabbit
    ports:
      - "5672:5672"
      - "15672:15672"
    networks:
      - testNetwork
networks:
  testNetwork:
    external: true

But I have to use that RabbitMQ with certificates to get a connection over TLS.

I tried it this way, and the certs folder contains the certificates, but I got an error:

version: '3.7'
services:
  my-rabbit:
    tty: true
    image: imageAddress
    environment:
      - RABBITMQ_SSL_CERTFILE=/cert_rabbitmq/testca/cacert.pem
      - RABBITMQ_SSL_KEYFILE=/cert_rabbitmq/server/cert.pem
      - RABBITMQ_SSL_CACERTFILE=/cert_rabbitmq/server/key.pem
    hostname: my-rabbit
    ports:
      - "5672:5672"
      - "15672:15672"
    volumes:
      - /home/ilkaygunel/Desktop/certs:/cert_rabbitmq
    networks:
      - testNetwork
networks:
  testNetwork:
    external: true

The error is like below. It says old-style configuration file exists but I don't know what to do.

my-rabbit_1  | error: Docker configuration environment variables specified, but old-style (Erlang syntax) configuration file '/etc/rabbitmq/rabbitmq.config' exists
my-rabbit_1  |   Suggested fixes: (choose one)
my-rabbit_1  |    - remove '/etc/rabbitmq/rabbitmq.config'
my-rabbit_1  |    - remove any Docker-specific 'RABBITMQ_...' environment variables
my-rabbit_1  |    - convert '/etc/rabbitmq/rabbitmq.config' to the newer sysctl format ('/etc/rabbitmq/rabbitmq.conf'); see https://www.rabbitmq.com/configure.html#config-file

What should I do to use those certificate files?

Try something like this. Also, it seems like you are pointing to the wrong files: certfile should be cert.pem, keyfile should be key.pem and cacertfile should be cacert

Or if you wanna use 3.7 like yours, it should be:-

version: '3.7'
services:
  my-rabbit:
    tty: true
    image: imageAddress
    environment:
      - RABBITMQ_SSL_CERTFILE=/cert_rabbitmq/server/cert.pem
      - RABBITMQ_SSL_KEYFILE=/cert_rabbitmq/server/key.pem
      - RABBITMQ_SSL_CACERTFILE=/cert_rabbitmq/testca/cacert.pem
    hostname: my-rabbit
    ports:
      - "5672:5672"
      - "15672:15672"
    volumes:
      - /home/ilkaygunel/Desktop/certs:/cert_rabbitmq
    networks:
      - testNetwork
networks:
  testNetwork:
    external: true

OR alternatively, just set up a rabbitmq config file using the new format like this:-

#A new style format snippet. This format is used by rabbitmq.conf files.
ssl_options.cacertfile           = /path/to/ca_certificate.pem
ssl_options.certfile             = /path/to/server_certificate.pem
ssl_options.keyfile              = /path/to/server_key.pem
ssl_options.verify               = verify_peer
ssl_options.fail_if_no_peer_cert = true

Looks like from the docs, using this config format, you might not even need to use the RABBITMQ... style environment variables in your docker compose file.
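A pre-flight check for the file mix-up discussed above, as an added example that is not part of the original question or answer: it maps each `RABBITMQ_SSL_*` container path back to the host side of the volume and confirms the file's PEM type fits the setting. The function names and the sample tree with placeholder PEM bodies are constructed for illustration; it only reads PEM labels, so it cannot tell a CA certificate from a server certificate or confirm that the key matches the certificate.

```python
import re
import tempfile
from pathlib import Path

# PEM type labels that are acceptable for each setting used on this page.
CERT = {"CERTIFICATE"}
KEY = {"PRIVATE KEY", "RSA PRIVATE KEY", "EC PRIVATE KEY"}
EXPECTED = {"RABBITMQ_SSL_CACERTFILE": CERT,
            "RABBITMQ_SSL_CERTFILE": CERT,
            "RABBITMQ_SSL_KEYFILE": KEY}
PEM_BEGIN = re.compile(r"^-----BEGIN ([A-Z0-9 ]+)-----\s*$", re.M)


def check_roles(env, host_dir, mount_point):
    """Return {variable: problem}; an empty dict means every file fits its role."""
    problems = {}
    for var, allowed in EXPECTED.items():
        if var not in env:
            problems[var] = "not set"
            continue
        try:
            # Translate the container path back to the host side of the volume.
            host_path = Path(host_dir) / Path(env[var]).relative_to(mount_point)
        except ValueError:
            problems[var] = "path is outside the mounted volume"
            continue
        if not host_path.is_file():
            problems[var] = "file not found in the mounted folder"
            continue
        found = set(PEM_BEGIN.findall(host_path.read_text(errors="replace")))
        if not found & allowed:
            problems[var] = f"wrong PEM type: {sorted(found) or 'none'}"
    return problems


def make_sample_certs():
    """Constructed sample tree: the page's folder layout, placeholder PEM bodies."""
    root = Path(tempfile.mkdtemp())
    layout = {"testca/cacert.pem": "CERTIFICATE",
              "server/cert.pem": "CERTIFICATE",
              "server/key.pem": "PRIVATE KEY"}
    for rel, label in layout.items():
        (root / rel).parent.mkdir(parents=True, exist_ok=True)
        (root / rel).write_text(f"-----BEGIN {label}-----\nAAAA\n-----END {label}-----\n")
    return root


if __name__ == "__main__":
    # The environment block from the question, checked against the sample tree.
    env = {"RABBITMQ_SSL_CERTFILE": "/cert_rabbitmq/testca/cacert.pem",
           "RABBITMQ_SSL_KEYFILE": "/cert_rabbitmq/server/cert.pem",
           "RABBITMQ_SSL_CACERTFILE": "/cert_rabbitmq/server/key.pem"}
    print(check_roles(env, make_sample_certs(), "/cert_rabbitmq"))
```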
