[rabbitmq-discuss] ssl ciphers with federation

Emile Joubert emile at rabbitmq.com
Thu Jan 2 14:32:25 GMT 2014


On 20/12/13 20:12, Karras, Thomas wrote:

> I’m having some issues using federation with SSL. We are using a FIPS
> openSSL client 

Is there any reason for that? Dropping in a different OpenSSL library is
not sufficient for FIPS compliance. At the time of writing the
open-source version of Erlang makes use of MD5 internally.

> once we setup a new upstream with SSL the server crashes with the
> same MD5 forbidden error.

Constraining upstream brokers to only use non-MD5 ciphers (using
ssl_options) should prevent the error.


More information about the rabbitmq-discuss mailing list