Skip to content

Different behavior around internode TLS on Erlang 26 #11074

Discussion options

You must be logged in to vote

@lukebakken I was able to fully replicate issue using Vagrant local environment, and also find the cause 🎉 .

Here is the new PoC enviroment https://github.com/daleksic-godaddy/rabbitmq-erlang-26-ssl-dist-optfile-issue-poc/tree/60f91070f6d8bc6b0341e632b73361cf16dc8648

In a nutshell, difference is due to how ssl options are handled in Erlang 26. It seems that excess options are not ignored anymore in erlang26, therefore:

[
  {server, [
    {cacertfile, "/etc/rabbitmq/tls/rabbitmq_server_wildcard.ca"},
    {certfile,   "/etc/rabbitmq/tls/rabbitmq_server_wildcard.crt"},
    {keyfile,    "/etc/rabbitmq/tls/rabbitmq_server_wildcard.key"},
    {secure_renegotiate, true},
    {verify, verify_peer…

Replies: 5 comments 5 replies

Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
1 reply
@lukebakken
Comment options

Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
2 replies
@lukebakken
Comment options

@daleksic-godaddy
Comment options

Comment options

You must be logged in to vote
2 replies
@lukebakken
Comment options

@michaelklishin
Comment options

Answer selected by michaelklishin
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
3 participants
Converted from issue

This discussion was converted from issue #11074 on April 24, 2024 14:33.