Skip to main content

Decrypting and Modifying the Atria Config Service

Summary

This document is to assist in resolving a specific issue related to the Atria Config Service caused when RabbitMQ is setup to use SSL. If you are encountering any trouble with RabbitMQ or the Atria Config Service, please contact us at support@getatria.com.

Issue

When changing RabbitMQ to use SSL, the Secret Messaging URL within the Atria Config Service needs to be updated to use the correct protocol and domain name. Failure to do this will cause the Config Service to fail and cause problems around your environment.

Resolution

Updating the App Settings Messaging URL within the Config Service

  1. Open an administrative PowerShell session on your Provisioning Server.

  2. Run the following commands to load the components required:

Import-Module Atria.Tools
Import-Module Atria.Platform
  1. Navigate to the location of the Config Service:
 cd 'C:\Program Files\Automate101\Atria\ConfigService'
  1. Run the following script to decrypt the Config Service secrets:
$encUtil = New-Object -TypeName 'Atria.Common.Utils.SymmetricEncryptionUtil'
$ConfigDecryptor = New-Object -TypeName 'Atria.Common.Configuration.ConfigurationEncryptor' -ArgumentList $encUtil
$configJson = ConvertFrom-Json ((Get-Content .\appsettings.secrets.json)-Join "")
$configDict = New-Object 'System.Collections.Generic.Dictionary[String,String]'
$configJson.PSobject.Properties | %{$configDict.Add($_.Name, $_.Value)}
$ConfigDecryptor.DecryptConfig($configDict)

This should return the following with values for each of the keys:

App Settings Messaging URL

We are now going to edit the value for secret:messaging.

  1. Run the following commands to isolate secret:messaging:
$message = $ConfigDecryptor.DecryptConfig($configDict)
$message['secret:messaging']

This should return the following:

{"userName":"(Your RabbitMQ Username)","transport":"RabbitMq","url":"amqp://atriamessaging","password":"(Your RabbitMQ Password)"}
  1. Copy this string into a text document so we can manipulate it:
  • Ensure the RabbitMQ Username and Password are correct
  • Edit the URL with the following changes:
    • Change amqp to amqps.
    • Add the domain portion of your RabbitMQ management URL after atriamessaging.

For example, if your URL for RabbitMQ Management is http://atriamessaging.company.com:15671/, you should change the URL in your string to be amqps://atriamessaging.company.com.

  1. Back in your PowerShell window, set a new variable called $messagenew to your edited string.

For Example:

$messagenew = '{"userName":"(Your RabbitMQ Username)","transport":"RabbitMq","url":"amqps://atriamessaging.company.com","password":"(Your RabbitMQ Password)"}'
  1. Encrypt and place the correct value back into the App Settings using the following command:
Set-AtriaAppSettingsSecret -SecretKey 'secret:messaging' -SecretValue $messagenew  -AppSettingsFile 'C:\Program Files\Automate101\Atria\ConfigService\appsettings.Secrets.json' -ComponentName messaging
  1. Run the following script again to check that your changes have been made:
$encUtil = New-Object -TypeName 'Atria.Common.Utils.SymmetricEncryptionUtil'
$ConfigDecryptor = New-Object -TypeName 'Atria.Common.Configuration.ConfigurationEncryptor' -ArgumentList $encUtil
$configJson = ConvertFrom-Json ((Get-Content .\appsettings.secrets.json)-Join "")
$configDict = New-Object 'System.Collections.Generic.Dictionary[String,String]'
$configJson.PSobject.Properties | %{$configDict.Add($_.Name, $_.Value)}
$ConfigDecryptor.DecryptConfig($configDict)
note

You will need to run the full script again to see any changes. Running just the final line will give you the results before your changes.

If you have any questions or require any assistance with this process, please contact us at support@getatria.com.