Quantcast

The PassPhrase for Private key is not safe in rabbitmq.config

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

The PassPhrase for Private key is not safe in rabbitmq.config

k.madnani84
This post has NOT been accepted by the mailing list yet.
I have my private key in an encrypted format and i use password in rabbitmq.config file as mentioned in https://www.rabbitmq.com/ssl.html:

[
 {rabbit, [
           {ssl_listeners, [5671]},
           {ssl_options, [{cacertfile,"/path/to/ca_certificate.pem"},
                          {certfile,  "/path/to/server_certificate.pem"},
                          {keyfile,   "/path/to/server_key.pem"},
                          {password,  "t0p$3kRe7"}
                         ]}
          ]}
].

But the password is easily visible to any user who can open config file which i dont want.Is it possible to somehow hide this password and still pass in to rabbitmq?
Loading...