Cert-manager and rabbit-mq

I’ve got cert-manager and rabbitmq-ha running on a cluster. What I haven’t been able to do is get rabbitmq-ha to use the certs that are being generated. And I haven’t found any guides on using certs for anything but load-balancing. Can someone please provide some guidance - even just a pointer on where to look for more information. I’m not sure if I need to use SDS or if there is some easier way to proceed - I was hoping I could just mount the certificates but that would be too easy :slight_smile:

Any guidance is greatly appreciated.

Thanks,
Pax.

Check this out for example: https://www.idealcoders.com/posts/rancher/2018/06/rancher-2-x-and-lets-encrypt-with-cert-manager-and-nginx-ingress/

Thanks for the pointer… that helped… as did this:
https://blog.darkedges.com/2019/02/17/cert-manager-kubernetes-cloudflare-dns/

What ended up getting everything working was putting the following in my helm cart (using the default helm chart for rabbitmq-hq it would be in templates/statefulset.yaml)

(excerpts)

volumeMounts:
    - name: cert
      mountPath: /etc/cert

and

volumes:
   - name: cert
     secret:
       secretName: {{ template "rabbitmq-ha.certSecretName" . }}

And in values.yaml:

rabbitmqAmqpsSupport:
  enabled: true

  # NodePort
  amqpsNodePort: 5671

  # SSL configuration
  config: |
    listeners.ssl.default             = 5671
    ssl_options.cacertfile            = /etc/cert/ca.crt
    ssl_options.certfile              = /etc/cert/tls.crt
    ssl_options.keyfile               = /etc/cert/tls.key
    ssl_options.verify                = verify_peer
    ssl_options.fail_if_no_peer_cert  = false