Integrating custom certificates into RabbitMQ - Mission Control 3.2.1.0

When using third-party certificates, you need a private and a public key to enable integration of the certificates with RabbitMQ.

To install the certificates on the local machine:

1. Open the Windows Console:
   1. In the Windows search box, type Run.
   2. In the Run dialog box, type mmc.exe and click OK.
      The Console window opens.
2. In the left pane of the Console window, expand Personal and click Certificates.
3. In the right pane of the window, right-click the certificate you created and click All Tasks Export.
   The Certificate Export Wizard opens.
4. Select the following options:
   1. On the Export Private Key page, select Yes, export the private key and click Next.
   2. On the Export File Format page, select Personal Information Exchange, clear Enable certificate privacy and click Next.
   3. On the Security page, select Password, type your password choice, and click Next. Note your password as you need it to import the certificate.
   4. Name your certificate export file (.pfx) and click Finish.

To convert the PFX file to a pem file:

1. Check if OpenSSL is installed in C:\Program Files (x86)\OpenSSL-Win32 or install it from Downloads | OpenSSL Library.
2. Open the command prompt as an administrator:
   1. In the Windows search box, type cmd.
   2. Right-click Command prompt and select Run as administrator.
3. Generate the key.pem file:
   1. Change the directory using the following command: c:\OpenSSL-Win32\bin
      NOTE: Copy your PFX file to this location.
   2. Run Openssl.exe pkcs12 -in yourpfxfile.pfx -nocerts -out key.pem -nodes
   3. When prompted for a password, enter the password you set up when exporting the certificates from mmc.exe.
   The key.pem file is generated in c:\OpenSSL-Win32\bin.

   
4. Move the Key.pem file to C:\Program Files (x86)\Genetec\RabbitMQ.

To export the .Cert files

1. Open the Windows Console:
   1. In the Windows search box, type Run.
   2. In the Run dialog box, type mmc.exe and click OK.
      The Console window opens.
2. In the left pane of the Console window, expand Personal and click Certificates.
3. In the right pane of the window, right-click the certificate you created and click All Tasks Export.
   The Certificate Export Wizard opens.
4. Select the following options:
   1. On the Export Private Key page, select No, do not export the private key and click Next.
   2. On the Export File Format page, select DER encoded binary X.509 (.CER) and click Next.
      The name of this export file is CACert.cer.
   3. On the Export Private Key page, select No, do not export the private key and click Next.
   4. On the Export File Format page, select Base-64 encoded X.509 (.CER) and click Next.
      The name of this export file is Cert.cer.

To complete the certificate integration

1. Back up your RabbitMQ self-signed certificate files in C:\Program Files (x86)\Genetec\RabbitMQ.
2. Replace the RabbitMQ self-signed certificates:
   1. Go to C:\Program Files (x86)\Genetec\RabbitMQ.
   2. Replace Cert.cer with Cert.pem.
      NOTE: You can change the extension by renaming it.
   3. Replace CACert.cer with CACert.pem.
3. Open the RabbitMQ Command Prompt (sbin dir) application.
4. Reinstall the RabbitMQ service by running the following commands:
   1. rabbitmq-service.bat remove
   2. rabbitmq-service.bat install
   3. rabbitmq-service.bat start
5. Reboot your machine for the changes to take effect.