[erlang-questions] TLS cipher suite with Galois Counter Mode (GCM)
John Foldager
john.foldager@REDACTED
Wed Sep 9 09:37:48 CEST 2015
Output from that command gives:
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA
Enc=AESGCM(128) Mac=AEAD
DHE-DSS-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=DSS Enc=AESGCM(128) Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(128) Mac=AEAD
ECDH-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/RSA Au=ECDH Enc=AESGCM(128) Mac=AEAD
ECDH-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH/ECDSA Au=ECDH
Enc=AESGCM(128) Mac=AEAD
AES128-GCM-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD
As Danil mentioned we need to upgrade Erlang to OTP 18, but then we
must first verify if RabbitMQ is supported on that Erlang version.
Thanks!
On Tue, Sep 8, 2015 at 2:05 PM, Tuncer Ayaz <tuncer.ayaz@REDACTED> wrote:
> On Tue, Sep 8, 2015 at 1:58 PM, John Foldager wrote:
>> We're using RabbitMQ and now have a request for supporting the
>> following cipher suites:
>>
>> TLS_RSA_WITH_AES_128_GCM_SHA256 (0X009C)
>> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0XC02F)
>> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0X009E)
>> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0XC02B)
>>
>> However, if we use the following commands from the Erlang CLI we
>> don't see these cipher suites:
>>
>> io:format("~p", [ssl:cipher_suites(openssl)]).
>> io:format("~p", [ssl:cipher_suites(erlang)]).
>>
>> So how can we make these cipher suites available to Erlang.... and
>> then RabbitMQ that runs on top of Erlang?
>
> To rule out the obvious and assuming there's no difference in the
> OpenSSL install between the build and deploy host, does openssl
> list it as available?
>
> $ openssl ciphers -v|grep AES128-GCM-SHA256
More information about the erlang-questions
mailing list