Skip to main content
B
Billy1-Visitor
1-Visitor
September 8, 2021
Question

RabbitMQ and Flink Certificates/SSL Guide Request

  • September 8, 2021
  • 1 reply
  • 3481 views

Hello everyone,  

I hate to say it but I have been having a lot of trouble with getting Apache Flink SSL and RabbitMQ SSL Platform Analytics 9.1 to work.  I have been using the installer but many of the steps are vague and unclear.  Does anyone have an example where they can show me or walk me through exactly what certificates and files need to be generated to get this to work correctly.  Sorting through all the logs over and over again has been a learning experience but right now I just need this working.  I have my Thingworx Foundation server and Analytics Server both working and they are in the same VLAN on separate machines.  Platform Analytics is also going to be in the same VLAN and on its own machine.  Flink and Rabbit MQ will be installed using the installer.  All SSL options for Flink will be enabled.  The only certificate I have from my companies internal CA is for the Thingworx Foundation server so people don't get warned when they try to login to composer by their web browser.  Everything else for Platform Analytics I would prefer be self signed rather than working with my IT department.

This guide:   https://support.ptc.com/help/thingworx/analytics/r9/en/index.html#page/analytics%2Fanalytics_install%2Fssl_support_for_rabbitmq.html%23 is not helping me.

And neither is this one:   https://support.ptc.com/help/thingworx/analytics/r9/en/index.html#page/analytics%2Fanalytics_install%2Fssl_support_for_flink.html%23

 

I need to know exactly which certs to generate and which servers they need to go on.  Which items are keystores and which are truststores.  When is a trust store referring to javas cacerts and when is it a trust store we create.  Which certs need to be in which keystores and which truststores and on which servers so all these things trust each other. I followed these instructions exactly as they are laid on and have still had many problems.  I need more clarity on the RabbitMQ config files used with openSSL as well.  Anyone willing to help out?? I am available for chats or phone calls and I am located in US Central time zone.  Any assistance would be greatly appreciated.  

 

-Billy

1 reply

N
nsampat17-Peridot
17-Peridot
September 10, 2021

@Billy 

 

Thank you for posting your question to the PTC Community.

 

Based on your description, it sounds like you are doing a decentralized deployment of ThingWorx Analytics Platform Analytics, typically we deploy all the components on one instance for sake of simplicity and management.

 

I would recommend that you open a case with Technical Support as there may be the need to exchanging log files, and other private identifiable information to further research and review your issues.

 

Regarding the Guides, those are the best available documents we have, and are up to date in their content.

 

You can open a case here: https://support.ptc.com/apps/case_logger_viewer/cs/auth/ssl/log

 

Regards,

 

Neel

 

B
Billy1-VisitorAuthor
1-Visitor
September 13, 2021

@nsampat 

Thank you for the reply.  When you refer to the decentralized deployment are you just talking about Analytics Server and Platform Analytics on the same machine?  Or also including Thingworx Foundation on that same machine as well?  My concern is running all 3 programs on one machine or even 2 of the 3 on one machine could cause performance issues.  Thoughts? 

J
jgreiner13-Aquamarine
13-Aquamarine
September 14, 2021

Hi Billy,

 

Yes it is a best practice to run these products on separate servers like you plan to do.  I believe my colleague Neel was under the impression that you were trying to run just Platform Analytics components on 3 separate servers which is also possible but normally not necessary.  When you try the installation, are there any errors returned?  Could you share the error messages that you are receiving and at what step of the install the error occurs?

 

Warm Regards,

 

John  

Terms & ConditionsCookie settingsAccessibility statement