Enable TLS in RabbitMQ for Xray in JFrog Platform Chart

Available from JFrog Platform Chart version 10.14.1. 1. Set and true in global.rabbitmq.auth.tls.enabled rabbitmq.auth.tls.enabledas the values.yaml file.

Available from JFrog Platform Chart version 10.14.1.

Set global.rabbitmq.auth.tls.enabled and rabbitmq.auth.tls.enabledas true in the values.yaml file.

global:
  rabbitmq:
     auth:
         tls:
            enabled: true
rabbitmq:
   auth:
       tls:
          enabled: true

⚠️
Warning
Set both global.rabbitmq.auth.tls.enabled and rabbitmq.auth.tls.enabled to the same value so that settings are shared between Xray and Pipelines.

Add extraConfiguration: |-management.listener.ssl = {{ .Values.global.rabbitmq.auth.tls.enabled}} to access the RabbitMQ Management Portal through the HTTPS mode.

global:
  rabbitmq:
     auth:
         tls:
            enabled: true
rabbitmq:
   auth:
       tls:
          enabled: true
          extraConfiguration: 
              |-management.listener.ssl = {{ .Values.global.rabbitmq.auth.tls.enabled}}

Select whether you want RabbitMQ to generates certs or whether you wish to use your own certs.

Set global.rabbitmq.auth.tls.autogenerated and rabbitmq.auth.tls.autogenerated as true in the values.yaml file so that RabbitMQ generates the certs.

global:
  rabbitmq:
     auth:
         tls:
            enabled: true
            autogenerated: true
rabbitmq:
   auth:
       tls:
          enabled: true
          autogenerated: true
          extraConfiguration: 
              |-management.listener.ssl = {{ .Values.global.rabbitmq.auth.tls.enabled}}

Set rabbitmq.auth.tls.autogenerated as false in the values.yaml file so that you can use your own certs.

global:
  rabbitmq:
     auth:
         tls:
            enabled: true
            autogenerated: false
rabbitmq:
   auth:
       tls:
          enabled: true
          autogenerated: false
          extraConfiguration: 
              |-management.listener.ssl = {{ .Values.global.rabbitmq.auth.tls.enabled}}

⚠️
Warning
Set both global.rabbitmq.auth.tls.autogenerated and rabbitmq.auth.tls.autogenerated to the same value so that settings are shared between Xray and Pipelines.

If you want to use your own certs, you can pass the certs as a Kubernetes secret.

Pass Certs as a Kubernetes Secret

To pass your certs as a Kubernetes secret, set rabbitmq.auth.tls.existingSecret with the secret name.

global:
  rabbitmq:
     auth:
         tls:
            enabled: true
            autogenerated: false
            existingSecret: <secret name>
rabbitmq:
   auth:
       tls:
          enabled: true
          autogenerated: false
          existingSecret: <secret name>
          extraConfiguration: 
              |-management.listener.ssl = {{ .Values.global.rabbitmq.auth.tls.enabled}}

If you want to install only Xray without other JFrog products along with Artifactory, make the following update in the values.yaml file.
```
xray:
  enabled: true
```
Run the following command to apply the values.yaml in the JFrog Platform installation.
```
helm upgrade --install jfrog-platform --namespace jfrog-platform jfrog/jfrog-platform -f values.yaml
```
You can also run a fresh installation of Xray installation with this updated values.yaml along with the other requirements mentioned in Xray Single Node Helm Installation.

Updated 5 days ago