diff options
| author | Michael Klishin <mklishin@pivotal.io> | 2017-06-23 23:51:16 +0300 |
|---|---|---|
| committer | Michael Klishin <mklishin@pivotal.io> | 2017-06-23 23:51:40 +0300 |
| commit | 5aa080b9695e341784272268bf90927914f1ce7a (patch) | |
| tree | ad47b778abace4ab9d991c3a3147e55851a3ce3b | |
| parent | 371ebdba64b630182a8750345d4b44ddd0fd1dff (diff) | |
| download | rabbitmq-server-git-5aa080b9695e341784272268bf90927914f1ce7a.tar.gz | |
Add a mapping for ssl_options.honor_ecc_order
| -rw-r--r-- | priv/schema/rabbit.schema | 3 | ||||
| -rw-r--r-- | test/config_schema_SUITE_data/rabbit.snippets | 40 |
2 files changed, 43 insertions, 0 deletions
diff --git a/priv/schema/rabbit.schema b/priv/schema/rabbit.schema index e3eff6fb59..c503548187 100644 --- a/priv/schema/rabbit.schema +++ b/priv/schema/rabbit.schema @@ -207,6 +207,9 @@ end}. {mapping, "ssl_options.honor_cipher_order", "rabbit.ssl_options.honor_cipher_order", [{datatype, {enum, [true, false]}}]}. +{mapping, "ssl_options.honor_ecc_order", "rabbit.ssl_options.honor_ecc_order", + [{datatype, {enum, [true, false]}}]}. + {mapping, "ssl_options.key.RSAPrivateKey", "rabbit.ssl_options.key", [{datatype, string}]}. diff --git a/test/config_schema_SUITE_data/rabbit.snippets b/test/config_schema_SUITE_data/rabbit.snippets index 03a687db66..5d03ba1b13 100644 --- a/test/config_schema_SUITE_data/rabbit.snippets +++ b/test/config_schema_SUITE_data/rabbit.snippets @@ -310,6 +310,46 @@ tcp_listen_options.exit_on_close = false", {verify,verify_peer}, {fail_if_no_peer_cert,false}]}]}], []}, + {ssl_options_honor_cipher_order, + "listeners.ssl.1 = 5671 + ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem + ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem + ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem + ssl_options.depth = 2 + ssl_options.verify = verify_peer + ssl_options.fail_if_no_peer_cert = false + ssl_options.honor_cipher_order = true", + [{rabbit, + [{ssl_listeners,[5671]}, + {ssl_options, + [{cacertfile,"test/config_schema_SUITE_data/certs/cacert.pem"}, + {certfile,"test/config_schema_SUITE_data/certs/cert.pem"}, + {keyfile,"test/config_schema_SUITE_data/certs/key.pem"}, + {depth,2}, + {verify,verify_peer}, + {fail_if_no_peer_cert, false}, + {honor_cipher_order, true}]}]}], + []}, + {ssl_options_honor_ecc_order, + "listeners.ssl.1 = 5671 + ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem + ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem + ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem + ssl_options.depth = 2 + ssl_options.verify = verify_peer + ssl_options.fail_if_no_peer_cert = false + ssl_options.honor_ecc_order = true", + [{rabbit, + [{ssl_listeners,[5671]}, + {ssl_options, + [{cacertfile,"test/config_schema_SUITE_data/certs/cacert.pem"}, + {certfile,"test/config_schema_SUITE_data/certs/cert.pem"}, + {keyfile,"test/config_schema_SUITE_data/certs/key.pem"}, + {depth,2}, + {verify,verify_peer}, + {fail_if_no_peer_cert, false}, + {honor_ecc_order, true}]}]}], + []}, {ssl_cert_login_from, "ssl_cert_login_from = common_name", [{rabbit,[{ssl_cert_login_from,common_name}]}], |