Configuring SSL of a RocketMQ Instance
Scenario
You can access a RocketMQ instance in plaintext or ciphertext. This section describes how to change the access mode on the console.
RocketMQ instances support the following access modes:
- SSL: Ciphertext access with high security, but lower performance.
- PLAINTEXT: Plaintext access with high performance, but lower security.
- PERMISSIVE: Both ciphertext and plaintext access, depending on the client.
Operation Impact
Table 1 lists the impact of changing the access mode.
PERMISSIVE is unavailable for some existing RocketMQ instances. For details, see the console.
Server Access Mode Change | Impact |
|---|---|
PLAINTEXT > SSL |
|
SSL > PLAINTEXT | |
PLAINTEXT > PERMISSIVE | Instances will not be restarted and services will not be interrupted. |
SSL > PERMISSIVE | |
PERMISSIVE > PLAINTEXT |
|
PERMISSIVE > SSL |
|
Prerequisite
You can change the access mode of a RocketMQ instance only when the instance is in the Running state.
Procedure
- Log in to the console.
- Click
in the upper left corner to select a region.NoteSelect the region where your RocketMQ instance is located.
- Click
and choose Application > Distributed Message Service for RocketMQ to open the console of DMS for RocketMQ. - Click a RocketMQ instance name to go to the instance details page.
- In the Connection area, specify SSL option. The Confirm dialog box is displayed.
- Click OK. The Background Tasks page is displayed.
If the rocketmqConfigPortProtocol task is in the Successful state, the instance access mode is changed successfully.
- Scenario
- Operation Impact
- Prerequisite
- Procedure