25 lines
773 B
Plaintext
25 lines
773 B
Plaintext
# Send logs to container engine via stderr
|
|
log.console = true
|
|
log.console.level = info
|
|
log.file = false
|
|
|
|
# Disable default (non-TLS) listener
|
|
listeners.tcp = none
|
|
|
|
# Activate TLS listener on AMQPS port
|
|
listeners.ssl.default = 5671
|
|
ssl_options.certfile = /run/secrets/rabbitmq/cert/tls.crt
|
|
ssl_options.keyfile = /run/secrets/rabbitmq/cert/tls.key
|
|
|
|
# Require mTLS authentication (client certificate)
|
|
ssl_options.cacertfile = /etc/rabbitmq/ca.crt
|
|
ssl_options.verify = verify_peer
|
|
ssl_options.fail_if_no_peer_cert = true
|
|
auth_mechanisms.1 = EXTERNAL
|
|
ssl_cert_login_from = common_name
|
|
|
|
## Import user/permission definitions from JSON file
|
|
definitions.import_backend = local_filesystem
|
|
definitions.local.path = /etc/rabbitmq/definitions.json
|
|
definitions.skip_if_unchanged = true
|