n1c0

n1c0

AMQP client and TLSv1.3 / OTP23

Hello,

I am trying to connect the AMQP client to RabbitMQ server over TLSv1.3 and I am facing the following issue:

iex> AMQP.Connection.open([host: "playground.mydomain.net", port: "10001", username: "toto", password: "tata", ssl_options: [versions: [:"tlsv1.3"]]])

[12:36:38.655] - []
[supervisor: {#PID<0.707.0>, :amqp_connection_sup}, started: [pid: #PID<0.709.0>, name: :connection, mfargs: {:amqp_gen_connection, :start_link, [#PID<0.708.0>, {:amqp_params_network, "toto", {:plaintext, "tata"}, "/", 'playground.mydomain.net', 10001, 0, 0, 10, 50000, [server_name_indication: 'playground.mydomain.net', versions: [:"tlsv1.3"]], [&:amqp_auth_mechanisms.plain/3, &:amqp_auth_mechanisms.amqplain/3], [], []}]}, restart_type: :intrinsic, shutdown: :brutal_kill, child_type: :worker]]

when i try to use TLSv1.2, it works fine

iex> AMQP.Connection.open([host: "playground.mydomain.net", port: "10001", username: "toto", password: "tata", ssl_options: [versions: [:"tlsv1.2"]]])
...
{:ok, %AMQP.Connection{pid: #PID<0.693.0>}}

I am running the following versions for Elixir/Erlang:

Erlang/OTP 23 [erts-11.1] [source] [64-bit] [smp:4:4] [ds:4:4:10] [async-threads:1] [hipe]

Elixir 1.10.4 (compiled with Erlang/OTP 23)

RabbitMQ server TLS is done via a TLS terminating proxy, so i enabled/disabled the TLSv1.2/TLSv1.3 for each attempt, they are not working both at the same time. The certs are Let’s Encrypt issued.

The same termination proxy handles :hackney as an HTTP TLSv1.3 client without any issue.

Any idea on what is going on ?

Thanks for your help

Most Liked

n1c0

n1c0

Found why it returns an empty list…the FIXME was never fixed…although we have OTP23 released…

-define(BAD_SSL_PROTOCOL_VERSIONS, [
                                    %% POODLE
                                    sslv3,

                                    %% Client side of TLS 1.3 is not yet
                                    %% implemented in Erlang/OTP 22.0
                                    %% prereleases. As a consequence,
                                    %% not sure about the stability of
                                    %% the server side.
                                    %%
                                    %% FIXME: Revisit this decision when
                                    %% Erlang/OTP 22.0 final release is
                                    %% out.
                                    'tlsv1.3'
                                   ]).

in rabbit_common pkg, in the file rabbit_ssl_options.erl

Where Next?

Popular in Questions Top

vertexbuffer
Hello, can anybody help here..? I have a list of players and I what to delete an element, but every for loop the list is reverting to ori...
New
skosch
To my knowledge, put_in, Map.update etc. all have the one limitation of not automatically creating intermediate keys when needed (for exa...
New
lessless
I believe there are people here who are dealing with CSV files import on the daily basis, and since Excel is a really popular tool there ...
New
minhajuddin
I have seen a lot of code which picks the first element from a list using Enum.at(0) instead of List.first. Is there a reason why people ...
New
vac
Hi, I’m quite new in Elixir and I’m trying to format a string to a PEM format. I have the certificate value like MIIDBTCCAe2...... and I...
New
Fl4m3Ph03n1x
About me? ( if you have nothing better to do than reading about some random guy in the internet :stuck_out_tongue: ) Hello all, this is ...
New
Lily
In templates/appointment/index.html.eex: &lt;%= for appointment &lt;- @appointments do %&gt; &lt;tr&gt; &lt;td&gt;&lt;%= appoi...
New
fayddelight
I tried installing elixir 1.11.2 erlang 23.3.4 via asdf in my zsh shell. Enabled the versions locally and globally. When I list them ...
New
JorisKok
I have a server on AWS, and was running a load test using artillery. When looking at the Phoenix dashboard I see the Ports going to 100% ...
New
earth10
Hi, I’m just starting to build a side-project with Elixir and Phoenix and doing some basic test with Elixir alone. What strikes me is th...
New

Other popular topics Top

sen
Hi All, I set a environment variables in dev.exs , like below code. when i start server, how can i set the ${enable} value? thanks. d...
New
vertexbuffer
Hello, can anybody help here..? I have a list of players and I what to delete an element, but every for loop the list is reverting to ori...
New
marius95
Hello everyone, I try to use an Javascript Event Handler in my root.html.leex file. Therefore I created a function in the app.js file: ...
New
chrismccord
This release brings a number of exciting features, including integration with the new Phoenix LiveDashboard and Phoenix LiveView. There h...
New
Lily
In templates/appointment/index.html.eex: &lt;%= for appointment &lt;- @appointments do %&gt; &lt;tr&gt; &lt;td&gt;&lt;%= appoi...
New
AngeloChecked
What learn first? Rust or Elixir Hi Elixir community! I’m here because i want learn a new language. I’m a junior developer and mainly i ...
New
RisingFromAshes
I’ve read in another post that it may be possible with a router helper - but I couldn’t find an appropriate one, and tbh, I’m still just ...
New
boundedvariable
I am going through the kafka architecture. All the features what the kafka is providing are already in Erlang. I would like hear your opi...
New
klo
Got a question about when to concat vs. prepending items to list then reversing to achieve appending. So i know lists boil down to [1 | ...
New
PeterCarter
There are pre-rolled solutions for other frameworks that do work. However, Phoenix does not seem to have these. Have people had good expe...
New

Latest on Elixir Forum

Elixir Forum

We're in Beta

About us Mission Statement