4a1d412f8c
This patch adds a SSL/TLS listener to RabbitMQ without disrupting the existing plaintext TCP listener. Various services that use RabbitMQ will have the option to encrypt messaging traffic with this change. Documentation is included for this change. By default, it will create a self-signed certificate for the user, but users have the option to specify their own existing certificates as well. This makes it easier to bring RabbitMQ (and the services which talk to it) into compliance with PCI DSS 3.1's Requirement 2.2.3. In addition, this change is recommended within the OpenStack Security Guide. Closes-bug: 1496001 Change-Id: I0d29cbb6e963b24f77a8375eba8a8c6a558aaf81