Close the port to disable cleartext authentication mechanisms in the AMQP configuration

Latest response

The remote Advanced Message Queuing Protocol (AMQP) service supports one or more authentication mechanisms that allow credentials to be sent in the clear. How do I remediate this security risk finding?


Any update on this KB? last update was in September.

I'm also interested in some resolution here

same issue here any news?

Tower 3.6.0 release notes seem to address this, but there are no instructions on how to disable. It just states there is now a means to do so. "Added the ability to enable SSL for PostgreSQL and RabbitMQ (not on by default):

Please give a fix for this vulnerability ?


Be aware (and I repeat myself) this is a customer forum. All on this forum including Red Hatters are volunteers.

support cases is another tab on the customer portal, there you can demand solutions, here you ask for help/advise.


Jan Gerrit