%% RabbitMQ broker configuration: TLS listener that requires client certificates.
[
  {rabbit, [
    %% Accept TLS connections on port 5671.
    {ssl_listeners, [5671]},
    {ssl_options, [
      %% CA certificate(s) the broker trusts when validating client certificates.
      {cacertfile, "/path/to/testca/cacert.pem"},
      %% The broker's own certificate and private key. The key file should be
      %% readable only by the account the broker runs as.
      {certfile, "/path/to/server/cert.pem"},
      {keyfile, "/path/to/server/key.pem"},
      %% verify_peer validates the certificate chain a client presents;
      %% fail_if_no_peer_cert rejects clients that present no certificate.
      %% Both are needed for mutual TLS: verify_peer alone still admits
      %% clients that send no certificate.
      {verify, verify_peer},
      {fail_if_no_peer_cert, true}
    ]}
  ]}
].
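#!/usr/bin/env python
"""Publish a single 'Hello World!' message to RabbitMQ over TLS.

The client validates the broker's certificate against a CA bundle and
presents its own certificate and key, which a broker configured with
``fail_if_no_peer_cert`` requires.
"""
import ssl
import sys

import pika

# TLS settings handed to pika:
#   ca_certs  - CA bundle used to validate the broker's certificate
#   certfile  - client certificate presented to the broker
#   keyfile   - private key for that certificate (keep it readable only by
#               the account running this script)
#   cert_reqs - CERT_REQUIRED aborts the handshake if the broker's
#               certificate cannot be validated against ca_certs
# NOTE(review): CERT_REQUIRED validates the certificate chain only. With the
# dict form of ssl_options the broker's hostname is presumably not matched
# against the certificate - confirm for the installed pika version. Newer
# pika releases take a pika.SSLOptions built from an ssl.SSLContext, which
# can enforce hostname checking.
ssl_options = {
    "ca_certs": "/path/to/testca/cacert.pem",
    "certfile": "/path/to/client/cert.pem",
    "keyfile": "/path/to/client/key.pem",
    "cert_reqs": ssl.CERT_REQUIRED,
}

# 5671 is the broker's TLS listener port.
connection = pika.BlockingConnection(
    pika.ConnectionParameters(
        host='servername.com',
        port=5671,
        ssl=True,
        ssl_options=ssl_options,
    )
)
try:
    channel = connection.channel()
    channel.queue_declare(queue='hello')
    channel.basic_publish(exchange='', routing_key='hello', body='Hello World!')
    # Parenthesised form prints the same text under Python 2 and Python 3.
    print(" [x] Sent 'Hello World!'")
finally:
    # Close the connection even if declaring the queue or publishing fails.
    connection.close()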
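Make sure cacerts.pem is up to date: concatenate all of the /etc/grid-security/certificates/*.pem files into cacerts.pem (for example, `cat /etc/grid-security/certificates/*.pem > cacerts.pem`). Every CA in that bundle is trusted to vouch for peers, so rebuild it whenever CAs are added to or removed from that directory.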