RabbitMQ TLS/SSL configuration

As described in https://www.rabbitmq.com/ssl.html the operator can specify TLS/SSL configuration that changes a RabbitMQ server's behavior when it comes to SSL/TLS connections.

In particular the options rabbitmq.ssl.verify and rabbitmq.ssl.fail_if_no_peer_cert can be set. The settings' meaning is described in https://www.rabbitmq.com/ssl.html#peer-verification. E.g. set rabbitmq.ssl.verify to value 'verify_peer' and rabbitmq.ssl.fail_if_no_peer_cert to value 'true' in order for a RabbitMQ server to demand a TLS certificate from any client connecting. In addition, this certificate must have been signed by a certifcate authority that the RabbitMQ server trusts.

The ops file rabbitmq-ssl-verify.yml can be used to configure these settings.

Please go to Common TLS Configuration to learn more about how to deploy SSL/TLS certificates.