[rabbitmq-discuss] TCP vs. SSL configuration

• Previous message: [rabbitmq-discuss] TCP vs. SSL configuration
• Next message: [rabbitmq-discuss] TCP vs. SSL configuration
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Just leave RABBITMQ_NODE_PORT blank. The "real" setting is the one in 
the config file, the environment variables provide a way to override 
that, if they are set.

If you want multiple brokers on one machine, each with SSL only, you'll 
need to set up one config file per broker, and then point to that using 
RABBITMQ_CONFIG_FILE (see http://www.rabbitmq.com/relocate.html).

Cheers, Simon

On 27/06/13 14:33, Tim Bain wrote:
> So if TCP is disabled via the section you referenced in rabbitmq.config,
> then what goes in the environment variable RABBITMQ_NODE_PORT?  Is that
> value simply ignored if TCP is disabled (so you can set the environment
> variable to anything, or just leave it unset)?  Do you set it to the SSL
> port?  Something else?
>
> And if you have a set of N nodes in a cluster on a single machine, do
> you still need to have a different value of RABBITMQ_NODE_PORT for each
> instance?  (Do you just make it match the SSL port each node is using?)
>
> Thanks,
> Tim
>
>
> On Thu, Jun 27, 2013 at 5:31 AM, Simon MacMullen <simon at rabbitmq.com
> <mailto:simon at rabbitmq.com>> wrote:
>
>     You can't disable the TCP listener via environment variables and
>     hence rabbitmq-env.conf. But you can via the main configuration file
>     - see tcp_listeners under
>     http://www.rabbitmq.com/__configure.html#config-items
>     <http://www.rabbitmq.com/configure.html#config-items> - just set it
>     to [].
>
>     Cheers, Simon
>
>     On 26/06/13 17:50, tbain98 at gmail.com <mailto:tbain98 at gmail.com> wrote:
>
>         I'm new to RabbitMQ, and am a bit confused by some of the
>         documentation
>         surrounding TCP vs. SSL configuration.
>
>         I'm trying to set up a broker for which only authenticated SSL-based
>         connections will be allowed, so I do not want the TCP listener
>         running.
>         That seems easy to do for rabbitmq-env.conf, but the documentation
>         <http://www.rabbitmq.com/__configure.html
>         <http://www.rabbitmq.com/configure.html>> seems to indicate that
>         RABBITMQ_NODE_PORT is a required property (or at least, it seems
>         to be
>         required if you're setting up clustering on a single machine
>         <http://www.rabbitmq.com/__clustering.html#single-machine
>         <http://www.rabbitmq.com/clustering.html#single-machine>__>,
>         which I'm not
>         doing yet but want the option to do in the future) and that if
>         it's not
>         provided, a default will be used.
>
>         Is it possible to configure an SSL-only broker (just one node on a
>         single machine), and if so, what if anything do you set
>         RABBITMQ_NODE_PORT to?  (Just "RABBITMQ_NODE_PORT=" ?)  And
>         (separate
>         question) is it possible to configure a single-machine cluster with
>         multiple nodes, where each node is SSL-only, and again, what do
>         you set
>         RABBITMQ_NODE_PORT to for each node?
>
>         Thanks for the help...
>         Tim
>
>
>         _________________________________________________
>         rabbitmq-discuss mailing list
>         rabbitmq-discuss at lists.__rabbitmq.com
>         <mailto:rabbitmq-discuss at lists.rabbitmq.com>
>         https://lists.rabbitmq.com/__cgi-bin/mailman/listinfo/__rabbitmq-discuss
>         <https://lists.rabbitmq.com/cgi-bin/mailman/listinfo/rabbitmq-discuss>
>
>
>
>     --
>     Simon MacMullen
>     RabbitMQ, Pivotal
>
>


-- 
Simon MacMullen
RabbitMQ, Pivotal

• Previous message: [rabbitmq-discuss] TCP vs. SSL configuration
• Next message: [rabbitmq-discuss] TCP vs. SSL configuration
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]