[erlang-bugs] SSL secure renegotiation not advertised
Emile Joubert
emile@REDACTED
Tue Jan 21 17:09:37 CET 2014
Hi,
A RabbitMQ customer has reported an issue with secure renegotiation of
SSL connections on versions of Erlang from R16B02. On earlier versions
the server advertises support for secure connections with the relevant
extension, e.g. OpenSSL reports
TLS server extension "renegotiation info" (id=65281), len=1
...
Secure Renegotiation IS supported
On R16B02 and R16B03 the extension is missing, end OpenSSL reports:
TLS server extension "elliptic curves" (id=10), len=52
TLS server extension "EC point formats" (id=11), len=2
...
Secure Renegotiation IS NOT supported
Setting {secure_renegotiate, boolean()} makes no difference. Is this a
bug or is there another way to get the server to be recognised as
RFC5746-compliant?
Emile
RabbitMQ
More information about the erlang-bugs
mailing list