安全接入点
RabbitMQ 安全接入点支持 "PLAIN"、"AMQPLAIN" 授权机制。
1、访问控制
RabbitMQ "PLAIN"、"AMQPLAIN"授权机制需要创建用户,从而获得对应虚拟主机的访问权限。
2、接入步骤
(1)新建用户(集群管理->用户->新建用户)
(2)运行demo
客户端关键参数设置
"PLAIN"、"AMQPLAIN" 授权机制的客户端关键参数配置
String host = "192.168.0.0"; //安全接入点ip Integer port = 5672; //安全接入点port String username = "xxx"; //集群管理用户列表的用户名 String password = "xxx"; String vhost = "/"; ConnectionFactory connectionFactory = new ConnectionFactory(); connectionFactory.setHost(host); connectionFactory.setPort(port); connectionFactory.setUsername(username); connectionFactory.setPassword(password); connectionFactory.setVirtualHost(vhost);
SSL接入点
RabbitMQ 安全接入点支持 "EXTERNAL" 授权机制。
1、 访问控制
无
2、 接入步骤
(1)下载SSL证书(实例概览->导出服务->下载SSL文件)
(2)运行demo
客户端关键参数设置
"EXTERNAL" 授权机制的客户端关键参数配置
String host = "192.168.0.0"; //SSL接入点ip
int port = 5671; //SSL接入点port
//以下2个ssl文件可通过控制台获取安装包, 具体的获取方式可以查看2.2.1接入步骤的第二小节
String ksFile = "D:\\tmp\\ssl\\client_rabbitmq_key.p12";
String tksFile = "D:\\tmp\\ssl\\truststore";
String vhost = "/";
char[] keyPassphrase = "W3zT_98Zz9Io".toCharArray();
KeyStore ks = KeyStore.getInstance("PKCS12");
ks.load(new FileInputStream(ksFile), keyPassphrase);
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, keyPassphrase);
char[] trustPassphrase = null;
trustPassphrase = "W3zT_98Zz9Io".toCharArray();
KeyStore tks = KeyStore.getInstance("JKS");
tks.load(new FileInputStream(tksFile), trustPassphrase);
TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
tmf.init(tks);
SSLContext c = SSLContext.getInstance("tlsv1.2");
c.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
ConnectionFactory connectionFactory = new ConnectionFactory();
connectionFactory.setHost(host);
connectionFactory.setPort(port);
connectionFactory.setVirtualHost(vhost);
connectionFactory.setSaslConfig(DefaultSaslConfig.EXTERNAL);
connectionFactory.useSslProtocol(c);