TLS can be used simply to establish an encrypted communication channel, but can additionally exchange signed certificates between the end points of the channel, and those certificates can optionally be verified.
If Erlang/OTP is compiled from source, it is necessary to ensure that finds Open SSL and builds the above libraries.
When investigating TLS connectivity issues, please keep in mind that in the vast majority of cases they are environment-specific and do not indicate a bug or limitation in Erlang/OTP's TLS implementation.
A number of beginner-oriented primers are available elsewhere on the Web: one two, three, four.
TLS can be enabled for all protocols supported by Rabbit MQ, not just AMQP 0-9-1, which this guide focuses on.
Keys and certificates are necessary for Rabbit MQ and clients that connect to the server on a TLS-enabled port.
However, the process is fairly labourious and can be error-prone.
This includes client connections and popular plugins, where applicable, such as Federation links.
It is also possible to use TLS to encrypt inter-node connections in clusters.
Suggested workarounds if you want to run Rabbit MQ as a service is to upgrade to a later Windows release or downgrade to an earlier version of Open SSL (v0.9.7e is known to work).