RabbitMQ and SSL made easy for tests
RabbitMQ and SSL made easy for tests.
This repository aims at building a RabbitMQ container with SSL enabled.
Generation of the server certificates, as well as server configuration, are performed during
the image's build. A client certificate is generated when a container is created from this image.
It is recommended to mount a volume so that the client certificate can be reached from the host system. Client certificates are generated under the /home/client directory.
cd tests && ./build.sh
The generated image contains SSL certificates for the server side.
mkdir -p /tmp/docker-test \
&& rm -rf /tmp/docker-test/* \
&& docker run -d --rm -p 12000:5671 -v /tmp/docker-test:/home/client rabbitmq-with-ssl:latest
Here, we bind the port 5671 from the container on the 12000 port on the local host.
We also share a local directory with the container, to retrieve the client certificate.
You can verify client certificates were generated with ls /tmp/docker-test
. This directory contains
a key store and a trust store, both in the PKCS12 format.
docker stop <container-id>
will stop the container.
If you kept the --rm
option, it will be deleted directly.
cd tests && ./test.sh
ls -l /tmp/docker-test
docker exec -ti <container-id> /bin/bash
docker logs <container-id>
openssl s_client -connect 127.0.0.1:12000 -key /tmp/docker-test/key.pem
Verify return code: 19 (self signed certificate in certificate chain)
, which is normal.
We should specify the -CApath, which is inside the Docker container. This test is enough to verify SSL is enabled and
the server is reachable from the host system.