RabbitMQ Configuration

RabbitMQ is an open-source message broker that enables messaging between the File Reporter components used for file content scanning or for reporting on Microsoft 365 cloud applications such as OneDrive, SharePoint Online, and Teams.

These components include ManagerFC and AgentFC for content scanning and reporting, and Agent365 for Microsoft 365 cloud reporting. If you do not need to perform file content scanning or reporting on Microsoft 365 cloud applications, then you do not need to install RabbitMQ.

RabbitMQ can be installed using any of the supported distributions found at: https://www.rabbitmq.com/download.html.

To introduce RabbitMQ into the File Reporter framework, a simplified, supported distribution for Windows is included with this release. This distribution is meant solely for use in basic scenarios in which clustering, containerization, or automated upgrades are not required.

The installation steps in this chapter pertain solely to this included distribution. Refer to associated product documentation for other RabbitMQ distributions or installers.

Upgrading a Previous Installation

File Reporter introduced file content scanning in version 3.5 and subsequently introduced the RabbitMQ message broker as a File Reporter component. If you installed RabbitMQ previously, you should upgrade to the updated version provided.

Before upgrading...

  1. Verify that all scans are completed or canceled.

  2. Uninstall the service.

    1. Stop the RabbitMQ service (console command: sc stop rabbitmq).

    2. Within the existing RabbitMQ folder, run remove-rabbitmq-service.bat.

  3. Delete the existing RabbitMQ folder.

  4. Follow the steps in the remainder of this chapter to install and set up the new version.

Extracting RabbitMQ

RabbitMQ requires a recent version of the Visual C++ Redistributable Package for Visual Studio 2015. This is a common dependency for many applications, so it may already be present. If not:

  1. Install the most recent Visual C++ Redistributable Packages for Visual Studio 2015 found either at https://docs.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist?view=msvc-170, or in the RabbitMQ folder of the FileReporter-24.4.iso image named vc-redist-vs2015-2022-x64-*.exe.

  2. Unzip the RabbitMQ-3.9.x.zip file to the desired path in the RabbitMQ folder of the FileReporter-24.4.iso image.

    IMPORTANT: The path cannot contain spaces. The zip file contains the rabbitmq folder (i.e., extracting to the root C:\ produces an install location of C:\rabbitmq.

Creating Certificates for RabbitMQ

Certificates are required to enable TLS for secure messaging between RabbitMQ, ManagerFC, AgentFC, and the Web Application.

  1. Double-click CertificateGenerator.exe in the RabbitMQ folder of the FileReporter-24.4.iso image.

  2. Enter the DNS name for the RabbitMQ service host or endpoint in the Subject Name field.

  3. (Optional) Modify the settings in the other fields.

  4. Click Generate.

  5. Enter the desired name of the certificate file to export in the File Name field of the Certificate section.

  6. (Optional) Check Save private key in a separate file in the Private Key section and then enter a value for File Name for the private key file to export.

  7. Enter a path for the Target Folder into which the certificate and key file(s) will be exported in the Save to File section.

    IMPORTANT: The path should not contain spaces. You should export the certificate files to the root of the extracted RabbitMQ folder.

  8. Click Save Files to export the files.

  9. Click Finish.

  10. From the location where the files were generated, copy the files to a folder on the RabbitMQ system (e.g., to the RabbitMQ folder created when you extracted the RabbitMQ-3.9.xx.zip file).

  11. Edit the rabbitmq.conf file located in the rabbitmq\base folder to which RabbitMQ was extracted (if using the provided archive).

  12. Modify the entries for ssl_options.*

    Note that paths are absolute and use forward slashes.

    Uncomment the following lines:

    • ssl_options.cacertfile
    • ssl_options certfile
    • ssl_options.keyfile
    • num_acceptors.ssl
    • listeners.ssl.default

  13. Modify the entries for management.* interface.

    Optionally comment the following lines:

    • management.tcp.ip
    • management.tcp.port

    Uncomment the following lines:

    • management.ssl.port
    • management.ssl.cacertfile
    • management.ssl.certfile
    • management.ssl.keyfile
    • management.ssl.versions.1
    • management.ssl.versions.2

  14. Specify the certificate and private key.

    1. Modify the paths for ssl_options.cacertfile and ssl_options.certfile in the TLS Options section with the path to the RabbitMQ certificate you created.

    2. While still in the TLS Options section, modify the path for ssl_options.keyfile with the path of the private key.

    3. Modify the paths for management.ssl.cacertfile and management.ssl.certfile in the Management Interface / REST API section with the path to the certificate. Note that paths are absolute and use forward slashes.

    4. While still in the Management Interface / REST API section, modify the path for management.ssl.keyfile with the path of the private key.

  15. Save any modifications you made to the configuration file, then close the editor.

Installing the RabbitMQ Service

  1. Double-click the rabbitmq folder from the extracted RabbitMQ files.

  2. Double-click the install-rabbitmq-service.bat file. The RabbitMQ service is now installed.

    The error message: The handle is invalid in the image above is normal during an installation and can be ignored.

  3. Access the management interface for RabbitMQ at https://dns_name:15671. You may need to open this port in the firewall.

Changing the Administrator Password

As a best practice, you should change the default administrator password for RabbitMQ before performing any administrative work.

  1. Access the web-based RabbitMQ management interface at https://server:15671, where server is the address or DNS name of the server on which RabbitMQ is installed.

  2. Enter admin in the Username field and srsadmin in the Password field, then click Login.

  3. Click the Admin tab.

  4. Click admin under the Name column.

  5. Scroll down in the new window and select Update this user.

  6. Enter and confirm the new password, and click Update user.