RabbitMQ Auto Reloading Certificates Without Restart
206 views
Skip to first unread message
Dhayakar Dhaya
Apr 11, 2024, 10:18:11 AM4/11/24
to rabbitmq-users
Hi Support Team,
1. I am currently using the rabbitMQ v3.12.12 with Erlang v25.1 in windows 10.
2. I have a set up with old SSL certificates which is running fine, but when the new ssl certificates are uploaded the rabbitMQ is loading the new certificates automatically. But we do not want RabbitMq to reload certificates automatically. We want to configure rabbitMq to stop auto reload/refresh of certificates and to take new certificates only upon RabbitMq restart.
3. Is there any configuration setting to stop rabbitMq from auto reload of certificate changes in advanced.config or rabbitmq.conf ?
I came across this link where we have a way to set the configuration to stop auto reload but it doesn’t seem to work --> "trust_store.refresh_interval = 30",
provided in this link https://github.com/rabbitmq/rabbitmq-trust-store to avoid the restart of rabbitMQ when certificates are loaded.
1. I am currently using the rabbitMQ v3.12.12 with Erlang v25.1 in windows 10.
2. I have a set up with old SSL certificates which is running fine, but when the new ssl certificates are uploaded the rabbitMQ is loading the new certificates automatically. But we do not want RabbitMq to reload certificates automatically. We want to configure rabbitMq to stop auto reload/refresh of certificates and to take new certificates only upon RabbitMq restart.
3. Is there any configuration setting to stop rabbitMq from auto reload of certificate changes in advanced.config or rabbitmq.conf ?
I came across this link where we have a way to set the configuration to stop auto reload but it doesn’t seem to work --> "trust_store.refresh_interval = 30",
provided in this link https://github.com/rabbitmq/rabbitmq-trust-store to avoid the restart of rabbitMQ when certificates are loaded.
Michal Kuratczyk
Apr 11, 2024, 1:52:43 PM4/11/24
to rabbitm...@googlegroups.com
First of all, this is a community forum so "hi support team" is really awkward. If you are paying for RabbitMQ support, please use the appropriate channels.
Yes, RabbitMQ implicitly reloads certificates when files change. This is something Erlang/OTP does, not RabbitMQ as such.
Most users are very happy it works this way, so I've never researched if it can be disabled. You need to search in Erlang's documentation.
"SSL PEM cache" is something to look for. Alternatively, just don't change the files until you restart RabbitMQ.
--
You received this message because you are subscribed to the Google Groups "rabbitmq-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rabbitmq-user...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/f0a9e272-5848-4922-b745-c7b7a6db8f16n%40googlegroups.com.
Michal
RabbitMQ Team
This electronic communication and the information and any files transmitted with it, or attached to it, are confidential and are intended solely for the use of the individual or entity to whom it is addressed and may contain information that is confidential, legally privileged, protected by privacy laws, or otherwise restricted from disclosure to anyone else. If you are not the intended recipient or the person responsible for delivering the e-mail to the intended recipient, you are hereby notified that any use, copying, distributing, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited. If you received this e-mail in error, please return the e-mail to the sender, delete it from your computer, and destroy any printed copy of it.
Reply all
Reply to author
Forward
0 new messages