Make it possible to configure Elliptic Curve cipher suites for TLS connections #748
Comments
|
The error message was |
michaelklishin
changed the title
|
Unfortunately, it is comically difficult to find definitive documentation on how to enable ECC cipher suites. Once that is figured out, doing it on the PerfTest side should not take much effort and anyone (well, anyone willing to work in Java I guess) should be able to contribute it. |
|
This relatively old article can still be quite relevant. |
|
You should be able to set TLS-related system properties from the command line. This configures the default If there is no way to configure this from the command line with system properties, we can consider a PR that adds a new PertTest command line argument and uses it to programmatically configure the |
Is your feature request related to a problem? Please describe.
We ran into an issue when using perf-test with a RabbitMQ-Cluster that uses ECDSA TLS certificates.
As far as we found out, only RSA is supported by perf-test, not ECDSA, even though the Java lib in use has support for it somehow.
Describe the solution you'd like
Support any of these cipher suites:
https://www.rabbitmq.com/docs/ssl#evaluation-of-a-tls-12-setup-with-restricted-cipher-suites
I didn't look in the code and did not find the default values for the ciphers, maybe they can all be added explicitly or something?
Describe alternatives you've considered
Changing to RSA works.
Additional context
No response
The text was updated successfully, but these errors were encountered: