LavinMQ supports TLS 1.2 and 1.3, both for AMQPS and HTTPS.

If a valid certificate and key are available, LavinMQ will listen on port 5671 for AMQPS and port 15671 for HTTPS.

Default config

tls_cert = /etc/lavinmq/cert.pem
tls_key = /etc/lavinmq/key.pem
tls_min_version = 1.2

tls_port = 15671

tls_port = 5671

Reloading certificates

Send a HUP signal to reload certificate if files have changed e.g. renewed. Existing connections will not be interrupted, and new TLS connections will be served the new certificate.