Skip to content

Changing Certificates for RabbitMQ

To replace the RabbitMQ certificates with your own trusted certificates, provide the following certificate files and keys:

  • The file containing the public key of the root Certificate Authorities that you wish to implicitly trust, named: ca.cer
  • The file containing the client's own certificate public key, named: rabbitmq.cer
  • The file containing the client's private key in PEM format, named: key.pem

This can be done using OpenSSL. Examples of the commands are as follows:

  • openssl pkcs12 -in famcert.pfx -nokeys -out rabbitmq.cer
  • openssl pkcs12 -in certname.pfx -nocerts -out key.pem -nodes

To configure the RabbitMQ certificate files:

  1. Replace the files located under “%SAILPOINT_HOME%\RabbitMQ\certificates” with the certificates and key mentioned above.

  2. Open the file %SAILPOINT_HOME%\RabbitMQ\data\rabbitmq.config with a text editor, and replace the current files path with the path of your own trusted certificates and key. Then save the file.

  3. Delete the SailPoint RabbitMQ certificate from the certificate computer store. The certificate name is “File Access Manager RabbitMQ”

  4. Restart the rabbitmq service, the Central Permission Collection Engine(s) and Collector(s) services and the Central Data Collection Engine(s) and Collector(s) services.