# 确保允许PLAIN认证
auth_mechanisms.1 = PLAIN
auth_mechanisms.2 = AMQPLAIN

# 检查默认vhost
# 允许admin用户通过远程方式连接
loopback_users.admin = false


# disables non-TLS listeners, only TLS-enabled clients will be able to connect
# 开启此项配置会导致只能通过TLS端口访问
listeners.tcp = none
# ssl config
listeners.ssl.default = 5671
ssl_options.cacertfile = /etc/rabbitmq/certs/ca_certificate.pem
ssl_options.certfile   = /etc/rabbitmq/certs/server_douxu-buntu22_certificate.pem
ssl_options.keyfile    = /etc/rabbitmq/certs/server_douxu-buntu22_key.pem
# 启用双向认证
ssl_options.verify     = verify_peer
ssl_options.fail_if_no_peer_cert = true
# If the private key file is password protected, set this value
ssl_options.password = ecl3000