I wonder why we still have TLSv1.3 in the list of bad protocol versions in rabbit_ssl_options.erl
OTP23 was released and it was supposed to be revisited for OTP22. Any update on this as OTP23 use TLSv1.3 by default
-define(BAD_SSL_PROTOCOL_VERSIONS, [
%% POODLE
sslv3,
%% Client side of TLS 1.3 is not yet
%% implemented in Erlang/OTP 22.0
%% prereleases. As a consequence,
%% not sure about the stability of
%% the server side.
%%
%% FIXME: Revisit this decision when
%% Erlang/OTP 22.0 final release is
%% out.
'tlsv1.3'
]).
I have tested it by removing it, used a TLSv1.3 connection to a RabbitMQ server where TLS is done via a TLS terminating proxy, and the amqp client is in Erlang, it works fine.
Hello,
I wonder why we still have TLSv1.3 in the list of bad protocol versions in
rabbit_ssl_options.erl
OTP23 was released and it was supposed to be revisited for OTP22. Any update on this as OTP23 use TLSv1.3 by defaultI have tested it by removing it, used a TLSv1.3 connection to a RabbitMQ server where TLS is done via a TLS terminating proxy, and the amqp client is in Erlang, it works fine.
Any chance to support TLSv1.3 ?
Thanks