Help Center/ Distributed Message Service for RocketMQ/ User Guide/ Accessing an Instance/ Accessing a RocketMQ Instance with SSL Enabled (TCP)
Updated on 2023-11-29 GMT+08:00

Accessing a RocketMQ Instance with SSL Enabled (TCP)

If SSL is enabled, data will be encrypted before transmission for enhanced security. This section describes how to use TCP to connect to a RocketMQ instance with SSL in CLI mode.

Intra-VPC access and public access differ only in the connection IP addresses and ports. For intra-VPC access, use port 8100. For public access, use port 8200.

The following describes only the procedure for public access. For intra-VPC access, replace the IP addresses with the actual ones.

Prerequisites

  • A RocketMQ instance has been created and you have obtained the metadata connection addresses for intra-VPC access or public network access.
  • Security group rules have been configured.
  • A topic has been created.
  • An ECS has been created. For intra-VPC access, ensure that its VPC, subnet, and security group configurations are the same as those of the RocketMQ instance.
  • JDK v1.8.111 or later has been installed, and related environment variables have been configured.

Accessing the Instance with CLI

  1. Download the rocketmq-tutorial software package.

    wget https://dms-demo.obs.cn-north-1.myhuaweicloud.com/rocketmq-tutorial.zip

  2. Decompress the rocketmq-tutorial package.

    unzip rocketmq-tutorial.zip

  3. Go to the rocketmq-tutorial/bin directory.

    cd rocketmq-tutorial/bin

  4. Create normal messages using the sample project.

    JAVA_OPT=-Dtls.enable=true sh mqadmin sendMessage -n "${Connection addresses}" -t ${Topic name} -p "hello rocketmq"

    Parameter description:

    • Connection addresses: the metadata connection addresses for intra-VPC access or public network access to the RocketMQ instance
    • Topic name: name of the topic created for the RocketMQ instance

    In the following example, 100.xxx.xxx.89:8200;100.xxx.xxx.144:8200 are the metadata connection addresses for public network access to the RocketMQ instance, and topic-test is the topic name.

    JAVA_OPT=-Dtls.enable=true sh mqadmin sendMessage -n "100.xxx.xxx.89:8200;100.xxx.xxx.144:8200" -t topic-test -p "hello rocketmq"

    Press Ctrl+C to exit.

  5. Retrieve normal messages using the sample project.

    JAVA_OPT=-Dtls.enable=true sh mqadmin consumeMessage -n "${Connection addresses}" -t ${Topic name}

    Parameter description:

    • Connection addresses: the metadata connection addresses for intra-VPC access or public network access to the RocketMQ instance
    • Topic name: name of the topic created for the RocketMQ instance

    In the following example, 100.xxx.xxx.89:8200;100.xxx.xxx.144:8200 are the metadata connection addresses for public network access to the RocketMQ instance, and topic-test is the topic name.

    JAVA_OPT=-Dtls.enable=true sh mqadmin consumeMessage -n "100.xxx.xxx.89:8200;100.xxx.xxx.144:8200" -t topic-test

    To stop consuming messages, press Ctrl+C to exit.

  6. Create messages with traces using the sample project.

    JAVA_OPT=-Dtls.enable=true sh mqadmin sendMessage -n "${Connection addresses}" -t ${Topic name} -p "hello rocketmq" -m true

    Parameter description:

    • Connection addresses: the metadata connection addresses for intra-VPC access or public network access to the RocketMQ instance
    • Topic name: name of the topic created for the RocketMQ instance

    In the following example, 100.xxx.xxx.89:8200;100.xxx.xxx.144:8200 are the metadata connection addresses for public network access to the RocketMQ instance, and topic-test is the topic name.

    JAVA_OPT=-Dtls.enable=true sh mqadmin sendMessage -n "100.xxx.xxx.89:8200;100.xxx.xxx.144:8200" -t topic-test -p "hello rocketmq" -m true

    Press Ctrl+C to exit.

  7. Retrieve messages and send the message traces using the sample project.

    JAVA_OPT=-Dtls.enable=true sh mqadmin consumeMessage -n "${Connection addresses}" -t ${Topic name} -m true

    Parameter description:

    • Connection addresses: the metadata connection addresses for intra-VPC access or public network access to the RocketMQ instance
    • Topic name: name of the topic created for the RocketMQ instance

    In the following example, 100.xxx.xxx.89:8200;100.xxx.xxx.144:8200 are the metadata connection addresses for public network access to the RocketMQ instance, and topic-test is the topic name.

    JAVA_OPT=-Dtls.enable=true sh mqadmin consumeMessage -n "100.xxx.xxx.89:8200;100.xxx.xxx.144:8200" -t topic-test -m true

    Press Ctrl+C to exit.