I am using self signed certificates in my Rabbitmq server and the broker is started successfully with SSL port. I am now trying to renew / use new SSL certificates, SSL key and truststore but I do not want to restart the running rabbitmq server as my application should run continously. I checked online for solutions to refresh / reload the erlang/rabbitmq on the runtime to read/reload these new SSL certificates and I stumbled upon few links where they suggested to use - rabbitmqctl eval "ssl:stop(), ssl:start()." to reload certs
.
The command worked fine and the new SSL certs were refreshed without rabbitmq restart, but the Consumers / connections were RESET because of which my application cannot read the messages from the queues anymore.
Can you please help me with this issue? I like to reload the new SSL certificates without restarting my rabbitmq or application and the rabbitmq must work fine with my application without any connection reset. If not kindly suggest me on how to re-establish the connections back again so that my application runs as expected.
Turns out newer versions of Erlang auto-update their PEM cache, so all you need to do is put the new certificate in place and then wait for a few minutes.
If you need to force the use of the new certificate sooner, you can use
rabbitmqctl eval 'ssl:clear_pem_cache().'
And this will reload the certificate without disconnecting any publishers or consumers.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With