Options for private key password encryption

[MrWade0405]

Hi All,

I am configuring TLS communication for the RabbitMQ service.
I found that RabbitMQ allows to use password encryption for certificates converted from server certificate and with the specified paths to them in the configuration file (advanced.config).

RabbitMQ says it doesn't make the system more secure, it just satisfies certain country regulations, and I agree with that.

I'm wondering if there is some other way to hide the password that would provide a higher level of configuration security because using even a passphrase is not a good solution for our customers.

Maybe RabbitMQ can read the certificate from certificate store or some other solution?
Thanks in advance.

Best regards,
Vitalii Mahlona

[michaelklishin]

Use an encrypted filesystem for your RabbitMQ configuration (see File and Directory Locations), and/or the rabbitmq_trust_store plugin. There are no other options.

[MrWade0405]

Thanks for your response.