RabbitMQ Management Over HTTPS and Nginx

Question

I'm trying to access the RabbitMQ interface over HTTPS/SSL with nginx, and I can't figure out what I'm missing.

Here's my rabbitmq.conf file:

[
  {ssl, [{versions, ['tlsv1.2', 'tlsv1.1']}]},
  {rabbit, [
      {reverse_dns_lookups, true},
      {hipe_compile, true},
      {tcp_listeners, [5672]},
      {ssl_listeners, [5671]},
      {ssl_options, [
        {cacertfile, "/etc/ssl/certs/CA.pem"},
        {certfile,   "/etc/nginx/ssl/my_domain.crt"},
        {keyfile,    "/etc/nginx/ssl/my_domain.key"},
        {versions, ['tlsv1.2', 'tlsv1.1']}
      ]}
    ]
  },
  {rabbitmq_management, [
    {listener, [
      {port, 15671},
      {ssl,  true},
      {ssl_opts, [
        {cacertfile, "/etc/ssl/certs/CA.pem"},
        {certfile,   "/etc/nginx/ssl/my_domain.crt"},
        {keyfile,    "/etc/nginx/ssl/my_domain.key"},
        {versions, ['tlsv1.2', 'tlsv1.1']}
      ]}
    ]}
  ]}
].

All works ok when I restart rabbitmq-server

My nginx file looks like this:

location /rabbitmq/ {
        if ($request_uri ~* "/rabbitmq/(.*)") {
                proxy_pass https://example.com:15671/$1;
        }
}

Now, I'm guessing there's something with the ngnix config not being able to resolve the HTTPS URL, as I'm getting 504 timeout errors when trying to browse:

https://example.com/rabbitmq/

Obviously, this is not the correct FQDN, but the SSL cert works fine without the /rabbitmq/

Has anyone been able to use the RabbitMQ Management web interface on an external connection over a FQDN and HTTPS?

Do I need to create a new "server" block in nginx config dedicated to the 15671 port?

Any help would be much appreciated!

Answer 1

This did the trick for me

location /rabbitmq {
  proxy_pass http://localhost:15672/;
  rewrite ^/rabbitmq/(.*)$ /$1 break;
}

I didn't have to use any other directives.