Changing Certificates for RabbitMQ

To replace the RabbitMQ certificates with your own trusted certificates:

1. Provide the following certificate files and keys:

   1. The file containing the public key of the root Certificate Authorities that you wish to implicitly trust with the name: “ca.cer”

   2. The file containing the client's own certificate public key with the name: “rabbitmq.cer”

   3. The file containing the client's private key in PEM format: “key.pem”

      This can be done using OpenSSL. Examples commands below:

      openssl pkcs12 -in famcert.pfx -nokeys -out rabbitmq.cer

      openssl pkcs12 -in certname.pfx -nocerts -out key.pem -nodes

2. To configure the RabbitMQ certificate files:

   • Replace the files located under “%SAILPOINT_HOME%\RabbitMQ\certificates” with the certificates and key mentioned above.

   • Open the file %SAILPOINT_HOME%\RabbitMQ\data\rabbitmq.config with a text editor, and replace the current files path with the path of your own trusted certificates and key. Then save the file.

3. Delete the SailPoint RabbitMQ certificate from the certificate computer store. The certificate name is “File Access Manager RabbitMQ”

4. Restart the rabbitmq service, the Central Permission Collection Engine(s) and Collector(s) services and the Central Data Collection Engine(s) and Collector(s) services.