我想建立从 Java 客户端到 RabbitMQ AMQP 消息代理的 AMQP 连接。它实际上工作得很好,如https://www.rabbitmq.com/api-guide.html中所述。
我正在做:
ConnectionFactory factory = new ConnectionFactory();
factory.setUsername(userName);
factory.setPassword(password);
factory.setVirtualHost(virtualHost);
factory.setHost(hostName);
factory.setPort(portNumber);
Connection conn = factory.newConnection();
或者作为等效的,以下内容具有相同的作用:
ConnectionFactory factory = new ConnectionFactory();
factory.setUri("amqp://userName:password@hostName:portNumber/virtualHost");
Connection conn = factory.newConnection();
但是,我的 URI 字符串中的用户名和密码是通过互联网以明文方式传输的假设是否正确?如果是这种情况,我想知道如何使此身份验证更加安全。
By default amqp uses no encryption. So yes, as far as I read the documentation your username would indeed be sent as plain text within the amqp protocol.
RabbitMQ supports tls encryption of amqp as documented in the official rabbitmq documentation.
So, in order to secure your connection you have to enable ssl auth in Rabbitmq and tell it where to find valid certificates.
例如在rabbitmq.conf:
listeners.ssl.default = 5671
ssl_options.cacertfile = /path/to/ca_certificate.pem
ssl_options.certfile = /path/to/server_certificate.pem
ssl_options.keyfile = /path/to/server_key.pem
ssl_options.verify = verify_peer
ssl_options.fail_if_no_peer_cert = false
| 归档时间: |
|
| 查看次数: |
5096 次 |
| 最近记录: |