What key pertains to which key?

I’m trying to setup Rabbitmq and I’m a tad confused on how to map the below keys generated from Letys’ Encrypt to what Rabbitmq is expecting.

From LE Dir:
cert.pem
chain.pem
fullchain.pem
privkey.pem

From Rabbitmq
CA certificate (public key)|ca_certificate.pem
Server certificate (public key)|server_certificate.pem
Server private key|server_key.pem
Client certificate (public key)|client_certificate.pem
Client private key|client_key.pem

Dose Lets Encrypt even make a CA certificate?

Thank you for your help.

Casey

Hi @chavenor,

That's probably chain.pem.

That's probably cert.pem.

That's privkey.pem.

These don't correspond to anything because Let's Encrypt never issues client certificates of any kind.

3 Likes

Actually every certificate LE sign has Client Authentication in its key usage.

Extended Key Usages

Purposes

Server Authentication, Client Authentication

2 Likes

Thanks for that correction, @orangepizza. Still, I don’t think these certificates will be useful in that context for most people because client authentication applications usually expect the entity that’s going to verify the client certificates to have issued them itself.

2 Likes

Since you don’t need to access your RabbitMQ instance in a web browser, you don’t need a publicly trusted Let’s Encrypt certificate. Instead you can make your own root certificate, and sign your own server certificates and client certificates with it. For instance, minica is a straightforward tool to do this.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.