rabbitmq-website icon indicating copy to clipboard operation
rabbitmq-website copied to clipboard

Published 20 hours ago verified publisher icon rabbitmq

TLS 1.3 does not support all TLS options

Open lukebakken opened this issue 4 years ago • 2 comments
trafficstars

The following options will cause RabbitMQ to crash upon startup if TLS 1.3 is the only enabled version:

ssl_options.client_renegotiation
ssl_options.secure_renegotiate

Reported in this rabbitmq-users discussion:

https://groups.google.com/g/rabbitmq-users/c/ZLdFmiqETZc/m/ED85hR7eAgAJ

I'm not quite sure if this is just a documentation issue or if schema validation should take this into account as well.

lukebakken avatar Feb 01 '21 18:02 lukebakken

We can try special casing in configuration validation.

michaelklishin avatar Feb 01 '21 18:02 michaelklishin

@michaelklishin this commit added ssl:handle_options which could be used to validate options earlier - https://github.com/erlang/otp/commit/6a6410b3d614fbb9418f60f39900e169dc7f0bff

lukebakken avatar Feb 01 '21 23:02 lukebakken