[erlang-questions] TLS cipher suite with Galois Counter Mode (GCM)

Tuncer Ayaz <>
Tue Sep 8 14:05:48 CEST 2015


On Tue, Sep 8, 2015 at 1:58 PM, John Foldager wrote:
> We're using RabbitMQ and now have a request for supporting the
> following cipher suites:
>
>     TLS_RSA_WITH_AES_128_GCM_SHA256 (0X009C)
>     TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256  (0XC02F)
>     TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0X009E)
>     TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0XC02B)
>
> However, if we use the following commands from the Erlang CLI we
> don't see these cipher suites:
>
>     io:format("~p", [ssl:cipher_suites(openssl)]).
>     io:format("~p", [ssl:cipher_suites(erlang)]).
>
> So how can we make these cipher suites available to Erlang.... and
> then RabbitMQ that runs on top of Erlang?

To rule out the obvious and assuming there's no difference in the
OpenSSL install between the build and deploy host, does openssl
list it as available?

$ openssl ciphers -v|grep AES128-GCM-SHA256


More information about the erlang-questions mailing list