Installing RabbitMQ Online with TLS (Advanced)

General TLS requirements

• The certificate used has to match the hostname used by RabbitMQ. Wildcard certificates are supported.

• The certificate has to be an RSA with 2048 bit encryption or higher for the RabbitMQ Helper to be able to convert it.

  • CNG and/or ECC certificates can be manually converted with OpenSSL, see Convert a CNG or ECC certificate to PEM File

• The certificate chain has to be trusted by both the RabbitMq node and anything connecting to the RabbitMQ host.

  • If using self-signed certificated, ensure that the certificates are properly installed in the certificate store.

$path = "C:\Program Files\Delinea Software Ltd\RabbitMq Helper\net6.0"
$username = "<SITE CONNECTOR USERNAME FROM SECRET SERVER>" 
$password = "<SITE CONNECTOR PASSWORD FROM SECRET SERVER>" 

# Create a PSCredential object to use for the installation  
$cred = New-Object System.Management.Automation.PSCredential ($username, (ConvertTo-SecureString -String $password -AsPlainText -Force))
 
# FQDN which will be used by clients connecting to this RabbitMq host
$fqdn = "localhost"; 
$certpath = $path; 
$pfxCred = Get-Credential -UserName PfxUserName -Message "Enter the PFX password. Username is ignored";
#(the password for the example localhost.pfx certificate is "password1")
#$password = ConvertTo-SecureString "PlainTextPassword" -AsPlainText -Force
#$pfxCred = New-Object System.Management.Automation.PSCredential ("Ignored", $password)
 
Install-Connector `
    -Hostname $fqdn `
    -Credential $cred `
    -UseTls `
    -CaCertPath "$certpath\localhostca.cer" `
    -PfxPath "$certpath\localhost.pfx" `
    -PfxCredential $pfxCred `
    -Verbose;

There are more switches for this commandlet, your run "get-help install-connector" when inside the helper for more information.

Using a local, non-domain admin account for the Installation is required.