We are trying to get our logstatsh rabbitmq plugin to authenticate to our RabbitMQ instance using PKI credentials. We've updated our logstash-rmq.config file with the following:
HOST=localhost PORT=5671 VHOST=/logstash SSL=true SSLCERTPATH=/etc/pki/nw/node/node.p12 SSLCERTPWD=pwd EXCHANGE=app.exchange QUEUE=ls-audit AUTO_DELETE=true
From our other rabbitMQ clients a similar configuration goes through a mutual SSL authentication and the CN on our identity certificate in the keystore maps to the account in RabbitMQ. For Logstash, it doesn't matter what is in our keystore, Rabbit is authenticating the connection as the Guest user. If we update the configuration to be something like:
HOST=localhost PORT=5671 VHOST=/logstash SSL=true SSLCERTPATH=/etc/pki/nw/node/node.p12 SSLCERTPWD=pwd EXCHANGE=app.exchange QUEUE=ls-audit AUTO_DELETE=true USER=logstashpkiuser
then we get an error because there is no password set. Is it possible to configure the plugin to use the identity in the keystore to authenticate to rabbit or is the SSL configuration simply intended to provide transport encryption not authentication?