---
conf:
  rabbitmq:
    ssl_options:
      cacertfile: "/etc/rabbitmq/certs/ca.crt"
      certfile: "/etc/rabbitmq/certs/tls.crt"
      keyfile: "/etc/rabbitmq/certs/tls.key"
      verify: verify_peer
      fail_if_no_peer_cert: false
    management:
      ssl:
        cacertfile: "/etc/rabbitmq/certs/ca.crt"
        certfile: "/etc/rabbitmq/certs/tls.crt"
        keyfile: "/etc/rabbitmq/certs/tls.key"
endpoints:
  oslo_messaging:
    host_fqdn_override:
      default:
        tls:
          secretName: rabbitmq-tls-direct
          issuerRef:
            name: ca-issuer
            kind: ClusterIssuer
    port:
      https:
        default: 15680
        public: 443
manifests:
  certificates: true
...