Enable TLS in RabbitMQ in Xray Helm Chart

JFrog Installation & Setup Documentation

Content Type
Installation & Setup
ft:sourceType
Paligo

Available from Xray version 3.78.10.

  1. Set rabbitmq.auth.tls.enabled as true in the values.yaml file.

    rabbitmq:
       auth:
           tls:
              enabled: true
  2. Select whether you want RabbitMQ to generate certs or whether you wish to use your own certs.

    • Set rabbitmq.auth.tls.autogenerated as true in the values.yaml file so that RabbitMQ generates the certs.

      rabbitmq:
         auth:
             tls:
                enabled: true
                autogenerated: true
    • Set rabbitmq.auth.tls.autogenerated as false in the values.yaml file so that you can use your own certs.

      rabbitmq:
         auth:
             tls:
                enabled: true
                autogenerated: false
  3. If you want to use your own certs, you can pass the certs either as a Kubernetes secret or through the values.yaml file.

    Pass Certs as a Kubernetes Secret

    To pass your certs as a Kubernetes secret, set rabbitmq.auth.tls.existingSecret with the secret name.

    rabbitmq:
       auth:
           tls:
              enabled: true
              autogenerated: false
              existingSecret: <secret name>

    Pass Certs in the values.yaml file

    To pass your certs as a Kubernetes secret, set the following values in the values.yaml file.

    • CA certificate information in rabbitmq.auth.tls.caCertificate

    • Server certificate information in rabbitmq.auth.tls.serverCertificate

    • Server RSA private key information in rabbitmq.auth.tls.serverKey

    rabbitmq:
       auth:
           tls:
              enabled: true
              autogenerated: false
              caCertificate: |-
              -----BEGIN CERTIFICATE-----
              ...
              -----END CERTIFICATE-----
              serverCertificate: |-
              -----BEGIN CERTIFICATE-----
              ...
              -----END CERTIFICATE-----
              serverKey: |-
              -----BEGIN RSA PRIVATE KEY-----
              ...
              -----END RSA PRIVATE KEY-----
  4. Run the following command to apply the values.yaml in the Xray installation.

    helm upgrade --install xray -f values.yaml --namespace xray jfrog/xray

    You can also run a fresh installation of Xray installation with this updated values.yaml along with the other requirements mentioned in Xray Single Node Helm Installation.

Disable TLS in RabbitMQ for Xray in Xray Helm Chart

To disable TLS in RabbitMQ, set rabbitmq.auth.tls.enabledas false in the values.yaml file and run the following command.

helm upgrade --install xray -f values.yaml --namespace xray jfrog/xray