Technology Sharing

RABBITMQ local test certificate generation script

2024-07-12

한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina

Since the applet requires access to the wss interface, the test environment needs to be switched to https. I read the official documentation.

RabbitMQ Web STOMP Plugin | RabbitMQThere is this information in it

Then I typed GPT for a while, inputting the requirements several times, and got a script like this:

generate_cert.sh

  1. #!/bin/bash
  2.  
  3. # 检查是否提供了IP地址
  4. if [ "$#" -ne 1 ]; then
  5.     echo "Usage: $0 <IP_ADDRESS>"
  6.     exit 1
  7. fi
  8.  
  9. IP_ADDRESS=$1
  10. PASSWORD="changeme"
  11.  
  12. # 创建必要的目录
  13. mkdir -p certs
  14.  
  15. # 生成 CA 密钥
  16. openssl genrsa -des3 -passout pass:$PASSWORD -out certs/ca.key 2048
  17.  
  18. # 生成 CA 证书
  19. openssl req -x509 -new -nodes -key certs/ca.key -sha256 -days 1024 -passin pass:$PASSWORD -out certs/ca_certificate.pem -subj "/CN=${IP_ADDRESS}"
  20.  
  21. # 生成服务器密钥
  22. openssl genrsa -des3 -passout pass:$PASSWORD -out certs/server.key 2048
  23.  
  24. # 生成服务器证书签名请求(CSR)
  25. openssl req -new -key certs/server.key -passin pass:$PASSWORD -out certs/server.csr -subj "/CN=${IP_ADDRESS}"
  26.  
  27. # 创建一个配置文件用于扩展
  28. cat <<EOF > certs/openssl.cnf
  29. [ v3_ca ]
  30. basicConstraints = CA:TRUE
  32. [ v3_req ]
  33. basicConstraints = CA:FALSE
  34. subjectAltName = @alt_names
  36. [ alt_names ]
  37. IP.1 = ${IP_ADDRESS}
  38. EOF
  39.  
  40. # 使用 CA 证书签署服务器证书
  41. openssl x509 -req -in certs/server.csr -CA certs/ca_certificate.pem -CAkey certs/ca.key -CAcreateserial -out certs/server_certificate.pem -days 500 -sha256 -passin pass:$PASSWORD -extfile certs/openssl.cnf -extensions v3_req
  42.  
  43. # 转换服务器密钥为 PEM 格式
  44. openssl rsa -in certs/server.key -out certs/server_key.pem -passin pass:$PASSWORD -passout pass:$PASSWORD
  45.  
  46. # 打印完成信息
  47. echo "Certificates and keys generated successfully in the 'certs' directory."
  48. echo "CA Certificate: certs/ca_certificate.pem"
  49. echo "Server Certificate: certs/server_certificate.pem"
  50. echo "Server Key: certs/server_key.pem"

Use in Ubuntu of WSL
generate_cert.sh &lt;test IP&gt; to generate

Then create rabbitmq.conf in the log/db directory of the RabbitMQ server

Paste the content of the first picture, then restart the rabbitMQ service, and then look at the management interface. The https port 15673 is successfully started.
 

Personal profile

I have devoted myself to the research of technology for more than 30 years. I am proficient in various languages ​​such as Java, Linux, JavaScript, PHP, CSS, etc. I have made many contributions in the field of open source. I have established a developer documentation site to share some problems in technology development for everyone to read.

my contact information

Mail