[rabbitmq-discuss] ssl ciphers with federation
karrast
KarrasT at Pragmatics.com
Thu Jan 2 16:38:12 GMT 2014
The internal use of MD5 internally does not make something non-FIPS
compliant. FIPS only restricts communication with MD5 such as SSL. As you
mentioned though setting the ciphers in ssl_options on the brokers allow
them to be started without errors.
The problem comes with enabling federation. As soon as an upstream broker is
set on a running RabbitMQ instance using SSL, the server crashes with the
MD5 error. I believe this comes about because the federation plugin uses a
RabbitMQ client to communicate with the upstream broker which uses different
settings than what is set on the server.
Unfortunately I could not find a way to set ssl_options on the client used
for federation so that I could specify a cipher to use. I did look into the
old federation client which was around for the 3.0.0 release of RabbitMQ
which did allow you to set ssl_options on the federation client but that did
not seem to work any longer in the latest version.
So my main question was is there a way to set SSL ciphers on the federation
plugin?
Thanks,
Thomas
--
View this message in context: http://rabbitmq.1065348.n5.nabble.com/ssl-ciphers-with-federation-tp32276p32369.html
Sent from the RabbitMQ mailing list archive at Nabble.com.
More information about the rabbitmq-discuss
mailing list