Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

tlsv1 alert insufficient security with rabbitmq

Tags:

erlang

rabbitmq

Tried with management console with both openssl and browser after enable ssl with rabbitMq 3.4.3.1 (Erlang 17.1)

Got this insufficient security issue. I guess something issue with erlang accepted ciphers for negotiation?

Anyone see this?

like image 927
Shaozhen Ding Avatar asked Dec 05 '25 11:12

Shaozhen Ding

2 Answers

My problem with same appearance was in x509 keyUsage certificate extension. Documentation "highly recommends" to use both digitalSignature and keyEncipherment, but in practice rabbitmq (3.7.18) won't work with RSA certificate specifying only keyUsage=keyEncipherment. You have to either omit keyUsage or add digitalSignature.

like image 192
MadRunner Avatar answered Dec 08 '25 05:12

MadRunner

Indeed certificate key usage extensions can also be the root cause. RabbitMQ documentation now has note about this [1].

  1. https://www.rabbitmq.com/ssl.html#key-usage
like image 35
Michael Klishin Avatar answered Dec 08 '25 06:12

Michael Klishin
Sign in to Comment

Related questions

Erlang: multiply two lists

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!