Troubleshooting

The following topics can assist with troubleshooting.

For RabbitMQ deployment recommendations, see this documentation.

Cannot Delete epmd.exe after Uninstalling RabbitMQ and Erlang

This error happens when you uninstall RabbitMQ (and optionally Erlang) but cannot delete one or more programs or folders associated with RabbitMQ or Erlang.

One common example would be "epmd.exe". This occurs because these files are still being held open by an active process and can present a problem if you uninstalled in order to perform a clean reinstall. To fix this:

1. Open the command prompt as Administrator and run the tasklist command.

2. Find the epmd.exe process (or whichever process cannot be deleted) and note the process ID by running the taskkill /pid {PROCESSID} /F command.

3. Delete the file or folder.

Can't Remove Erlang Cookie During Installation

Example of an error:

Failed to copy system cookie: Access to the path 'C:\Users\user1\\.erlang.cookie' is denied.. Manual deletion might be necessary;Access to the path 'C:\Users\user1\\.erlang.cookie' is denied.;. Would you like to Retry?

For the fix, you can manually delete the cookie from the location the Helper has no access to and retry.

Management Plugin Does Not Load

The management plugin is the web page where the user logs in to manage RabbitMQ. This is usually located at http://localhost:15672

When installing RabbitMQ using the helper:

• The management plugin should be enabled automatically
• The specified user should be automatically created and
• The user should have appropriate permissions granted

However, if any error occurs during the installation while using the Helper, the management plugin may not be enabled. See the following 2 ways to fix:

1. Open the Helper and run the

   Enable-RabbitMqManagement -Verbose command.

2. Open the RabbitMQ Command Prompt and run the

   rabbitmq-plugins enable rabbitmq_management command.

Getting Exceptions but Not Seeing Details

When running a Helper cmdlet, you may run into an exception but do not see any details or inner exceptions.

You can either wrap the cmdlet call or select the exception to get a list of key-value pairs of exception messages:

try { Stop-RabbitMq } catch { Select-Exception $_.Exception}

Or you can select topmost or combined message:

try { Stop-RabbitMq } catch { (Select-Exception $_.Exception)[0].Value}

Need the PowerShell Command Help Content?

#markdown links

Get-Command -Module Delinea.RabbitMq.Helper.PSCommands | Sort | % { Write-Host "Get-Help $_ -Full | Out-File $_.txt" };

#detailed help file generation script Get-Command -Module Delinea.RabbitMq.Helper.PSCommands | Sort | % { Write-Host "Get-Help $_ -Detailed | Out-File $_.txt" };

#full help file generation script Get-Command -Module Delinea.RabbitMq.Helper.PSCommands | Sort | % { Write-Host "Get-Help $_ -Full | Out-File $_.txt" };

RabbitMQ "broken" After Hostname Change

This error occurs when you rename the RabbitMQ Hostname. This results in creating a new database directory with the current hostname. The result is the SecretServer username no longer exists in the database. Hence, it breaks every function that requires the RabbitMQ Site Connector.

To resolve this issue:

1. Manually recreate the user with the credentials in the Site Connector > "View Credentials".

2. Then, apply the required permissions to match the guest user.

Best Practice: Do not change your RabbitMQ Hostname.

TypeError: Cannot read properties of undefined (reading 'length')

If the following error display on RabbitMQ Management, manually clear the browser cache on which the Management is used.

Vulnerability scans return AMQP Cleartext Authentication on port 5672 on RabbitMQ server(s)

This is not a problem with Secret Server but rather with the RabbitMQ Helper. However, it is fully supported and can be easily resolved by Secret Server.

Steps to resolve the issue:

1. Enable RabbitMQ TLS

   • Helper online
   • Helper offline
   • RabbitMQ

2. Switch the Secret Server site connector to Use SSL = Yes.

3. Go to Admin > Distributed Engine > Site Connectors > select the affected RabbitMQ site connector(s) > Use SSL = Yes.

4. To disable the TCP listener in RabbitMQ configuration in C:\RabbitMQ\rabbitmq.conf, edit the following line: listeners.tcp = none.

5. Click here for more information.

You have the option to fully disable non-TLS listeners. This would limit node access to only TLS-enabled clients who use the designated port.

# disables non-TLS listeners, only TLS-enabled clients will be able to connect
listeners.tcp = none

listeners.ssl.default = 5671

ssl_options.cacertfile = /path/to/ca_certificate.pem
ssl_options.certfile = /path/to/server_certificate.pem
ssl_options.keyfile = /path/to/server_key.pem
ssl_options.verify = verify_peer
ssl_options.fail_if_no_peer_cert = true