[rabbitmq-discuss] ssl ciphers with federation

• Previous message: [rabbitmq-discuss] Shovel with multiple publish_properties oddity
• Next message: [rabbitmq-discuss] How to deal with untrusted publishers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi, 

 

I'm having some issues using federation with SSL. We are using a FIPS
openSSL client and the default SSL cipher seems to use md5 which is not
allowed. This causes the following error when trying to start up
rabbitMQ without setting a specific cipher.

 

md5_dgst.c(78): OpenSSL internal error, assertion failed: Digest MD5
forbidden in FIPS mode!

 

This error goes away and RabbitMQ starts up fine when a cipher is set in
the rabbitmq.config file. The problem comes up again when we set up
federation over SSL. In the latest version of RabbitMQ(3.2.2) there does
not seem to be a place to set up ssl_options for the federation
configuration, so once we setup a new upstream with SSL the server
crashes with the same MD5 forbidden error. Is there a way to default
erlang or maybe another parameter in the federation plugin where I can
set the SSL cipher for the federation client?

 

Thanks,

 

Thomas Karras

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rabbitmq.com/pipermail/rabbitmq-discuss/attachments/20131220/fd094482/attachment.html>

• Previous message: [rabbitmq-discuss] Shovel with multiple publish_properties oddity
• Next message: [rabbitmq-discuss] How to deal with untrusted publishers
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]