[erlang-questions] TLS cipher suite with Galois Counter Mode (GCM)

Danil Zagoskin <>
Tue Sep 8 14:38:01 CEST 2015


Hi, John!

What OTP version do you use?
OTP17 and prior do not support GCM, you need OTP18.

Old possible ciphers:
https://github.com/erlang/otp/blob/maint-17/lib/ssl/src/ssl_cipher.erl#L46
New possible ciphers:
https://github.com/erlang/otp/blob/maint-18/lib/ssl/src/ssl_cipher.erl#L48
(note the aes_128_gcm and aes_256_gcm ciphers).

On Tue, Sep 8, 2015 at 2:58 PM, John Foldager <>
wrote:

> We're using RabbitMQ and now have a request for supporting the following
> cipher suites:
>     TLS_RSA_WITH_AES_128_GCM_SHA256 (0X009C)
>     TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256  (0XC02F)
>     TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0X009E)
>     TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0XC02B)
>
> However, if we use the following commands from the Erlang CLI we don't see
> these cipher suites:
>
>     io:format("~p", [ssl:cipher_suites(openssl)]).
>     io:format("~p", [ssl:cipher_suites(erlang)]).
>
> So how can we make these cipher suites available to Erlang.... and then
> RabbitMQ that runs on top of Erlang?
>
> _______________________________________________
> erlang-questions mailing list
> 
> http://erlang.org/mailman/listinfo/erlang-questions
>
>


-- 
Danil Zagoskin | 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20150908/3841155e/attachment.html>


More information about the erlang-questions mailing list