I'm trying to connect to rabbit cluster using ssl and set spring.rabbitmq.ssl properties. When the app tries to send message to exchange, it shows the error "ACCESS_REFUSED - Login was refused using authentication mechanism PLAIN". How can I properly set authentication mechanism to EXTERNAL instead of PLAIN? Automatically it always sets it to PLAIN which means user and password authentication I guess.
BTW, if I set in cachingConnectionFactory.rabbitConnectionFactory.saslConfig = DefaultSaslConfig.EXTERNAL it works properly.
Updates:
properties:
rabbitmq:
addresses: host1:5671,host2:5671
ssl:
enabled: true
key-store: classpath:certs/rabbit-client-keystore.p12
key-store-type: PKCS12
key-store-password: ${RABBIT_KEYSTORE_PASSWORD}
trust-store: classpath:certs/rabbit-client-truststore.p12
trust-store-type: PKCS12
trust-store-password: ${RABBIT_TRUSTSTORE_PASSWORD}
algorithm: TLSv1.2
username: ""
password: ""
If I use algorithm: EXTERNAL, then it throws "NoSuchAlgorithmException: EXTERNAL SSLContext not available".
Finally, I decided to use Configuration class with ConnectionFactoryCustomizer bean depending on spring.rabbitmq.ssl.enabled property:
@Configuration
class RabbitConfig {
@Bean
@ConditionalOnProperty(name = ["spring.rabbitmq.ssl.enabled"], havingValue = "true", matchIfMissing = false)
fun connectionFactoryCustomizer(): ConnectionFactoryCustomizer {
return ConnectionFactoryCustomizer {
it.saslConfig = DefaultSaslConfig.EXTERNAL
}
}
}