springboot RabbitMQ TLS/SSL windows配置

  1. 一定要注意erlang和rabbitmq的版本配套,查看配套,我用的Erlang版本为 22.3,MQ版本为3.8.14
  2. erlang安装
  3. 下载rabbitmq早期版本要去github,上一页下一页翻页的,如果网速不好,可以直接下载:

    windows地址:https://github.com/rabbitmq/rabbitmq-server/releases/download/v v e r s i o n / r a b b i t m q − s e r v e r − {version}/rabbitmq-server- version/rabbitmqserver{version}.exe,如:https://github.com/rabbitmq/rabbitmq-server/releases/download/v3.8.14/rabbitmq-server-3.8.14.exe

  4. linux生成证书,参考官网
    git clone https://github.com/michaelklishin/tls-gen tls-gen
    cd tls-gen/basic
    # 密码1
    make PASSWORD=123456
    make verify
    make info
    ls -l ./result
    
  5. linux生成Java客户端store,参考官网
    keytool -import -alias server1 -file /path/to/server_certificate.pem -keystore /path/to/rabbitstore
    

    /path/to是第4步生成证书目录,执行时输入的密码(密码2)要记住,如:111111

  6. 打包便于下载到windows:zip rasult.zip ./*
  7. 修改rabbitmq配置文件,advanced.config或者rabbitmq.config
    [
        {rabbit, [
            {tcp_listeners, [5673]},
            {ssl_listeners, [5671]},
            {ssl_options, [{cacertfile,"D:\\dev_tools\\tls\\ca_certificate.pem"},
                {certfile,"D:\\dev_tools\\tls\\server_certificate.pem"},
                {keyfile,"D:\\dev_tools\\tls\\server_key.pem"},
                {verify, verify_peer},
                {fail_if_no_peer_cert, true},
    			{password, "123456"}
            ]}
        ]}
    ].
    

    D:\\dev_tools\\tls为下载生成的证书地址,{password, “123456”}这里时make设置的密码1

  8. 重启rabbit控制台:rabbitmq-plugins enable rabbitmq_management
    springboot RabbitMQ TLS/SSL windows配置_第1张图片
  9. springboot
    1. 依赖
      <dependencies>
             <dependency>
                 <groupId>org.springframework.bootgroupId>
                 <artifactId>spring-boot-starter-amqpartifactId>
             dependency>
      
             <dependency>
                 <groupId>org.springframework.bootgroupId>
                 <artifactId>spring-boot-starter-testartifactId>
                 <scope>testscope>
             dependency>
             <dependency>
                 <groupId>org.springframework.amqpgroupId>
                 <artifactId>spring-rabbit-testartifactId>
                 <scope>testscope>
             dependency>
         dependencies>
      
    2. 配置文件:
      spring.rabbitmq.host=127.0.0.1
      spring.rabbitmq.port=5671
      spring.rabbitmq.username=guest
      spring.rabbitmq.password=guest
      spring.rabbitmq.virtual-host=/
      spring.rabbitmq.ssl.enabled=true
      spring.rabbitmq.ssl.key-store=classpath:client_key.p12
      # 密码1
      spring.rabbitmq.ssl.key-store-password=123456
      spring.rabbitmq.ssl.trust-store=classpath:rabbitstore
      # 密码2
      spring.rabbitmq.ssl.trust-store-password=111111
      spring.rabbitmq.ssl.algorithm=TLSv1.2
      spring.rabbitmq.ssl.trust-store-type=JKS
      spring.rabbitmq.ssl.key-store-type=PKCS12
      spring.rabbitmq.ssl.validate-server-certificate=true
      spring.rabbitmq.ssl.verify-hostname=false
      
    3. classpath下存放证书
      在这里插入图片描述
    4. 控制台创建一个名为“test”的queue
    5. 测试代码
      @Autowired
      private RabbitTemplate rabbitTemplate;
      
      @Test
      public void send() {
          rabbitTemplate.convertAndSend(  "test", "Hello");
      }
      
      @Test
      public void receive() {
          Object msg = rabbitTemplate.receiveAndConvert("test");
          System.out.println(msg);
      }
      

linux环境远程访问需要添加管理员用户:

rabbitmqctl add_user admin admin
rabbitmqctl set_user_tags admin administrator
rabbitmqctl set_permissions -p "/" admin ".*" ".*" ".*"

你可能感兴趣的:(中间件,rabbitmq,ssl,java)