RabbitMQ TLS/SSL configuration
As described in https://www.rabbitmq.com/ssl.html the operator can specify TLS/SSL configuration that changes a RabbitMQ server's behavior when it comes to SSL/TLS connections.
In particular the options
rabbitmq.ssl.fail_if_no_peer_cert can be set. The settings' meaning is described in https://www.rabbitmq.com/ssl.html#peer-verification. E.g. set
rabbitmq.ssl.verify to value 'verify_peer' and
rabbitmq.ssl.fail_if_no_peer_cert to value 'true' in order for a RabbitMQ server to demand a TLS certificate from any client connecting. In addition, this certificate must have been signed by a certifcate authority that the RabbitMQ server trusts.
The ops file rabbitmq-ssl-verify.yml can be used to configure these settings.
Please go to Common TLS Configuration to learn more about how to deploy SSL/TLS certificates.