diff options
| author | Michael Klishin <mklishin@pivotal.io> | 2018-10-23 16:38:08 +0300 |
|---|---|---|
| committer | Michael Klishin <mklishin@pivotal.io> | 2018-10-23 16:38:08 +0300 |
| commit | 81ea5ad37bf61a073cdd5ff3141cd92843dde156 (patch) | |
| tree | 1f20fdf936de0e5fa2621bd06f3bbe5d08603a72 /test | |
| parent | aad01b4bac34c6198906fce36ad39e71256d8ba8 (diff) | |
| download | rabbitmq-server-git-81ea5ad37bf61a073cdd5ff3141cd92843dde156.tar.gz | |
Expose cipher configuration to new style config format
As ssl_options.ciphers.$cipher.
Closes #1712.
[#160792113]
Diffstat (limited to 'test')
| -rw-r--r-- | test/config_schema_SUITE_data/rabbit.snippets | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/test/config_schema_SUITE_data/rabbit.snippets b/test/config_schema_SUITE_data/rabbit.snippets index 685b05b3dc..625fcd93a9 100644 --- a/test/config_schema_SUITE_data/rabbit.snippets +++ b/test/config_schema_SUITE_data/rabbit.snippets @@ -302,6 +302,45 @@ tcp_listen_options.exit_on_close = false", {keyfile,"test/config_schema_SUITE_data/certs/key.pem"}, {versions,['tlsv1.2','tlsv1.1']}]}]}], []}, + + {ssl_options_ciphers, + "listeners.ssl.1 = 5671 + ssl_options.cacertfile = test/config_schema_SUITE_data/certs/cacert.pem + ssl_options.certfile = test/config_schema_SUITE_data/certs/cert.pem + ssl_options.keyfile = test/config_schema_SUITE_data/certs/key.pem + ssl_options.versions.1 = tlsv1.2 + ssl_options.versions.2 = tlsv1.1 + ssl_options.ciphers.1 = ECDHE-ECDSA-AES256-GCM-SHA384 + ssl_options.ciphers.2 = ECDHE-RSA-AES256-GCM-SHA384 + ssl_options.ciphers.3 = ECDHE-ECDSA-AES256-SHA384 + ssl_options.ciphers.4 = ECDHE-RSA-AES256-SHA384 + ssl_options.ciphers.5 = ECDH-ECDSA-AES256-GCM-SHA384 + ssl_options.ciphers.6 = ECDH-RSA-AES256-GCM-SHA384 + ssl_options.ciphers.7 = ECDH-ECDSA-AES256-SHA384 + ssl_options.ciphers.8 = ECDH-RSA-AES256-SHA384 + ssl_options.ciphers.9 = DHE-RSA-AES256-GCM-SHA384", + [{ssl,[{versions,['tlsv1.2','tlsv1.1']}]}], + [{ssl,[{versions,['tlsv1.2','tlsv1.1']}]}, + {rabbit, + [{ssl_listeners,[5671]}, + {ssl_options, + [{cacertfile,"test/config_schema_SUITE_data/certs/cacert.pem"}, + {ciphers, [ + "DHE-RSA-AES256-GCM-SHA384", + "ECDH-ECDSA-AES256-GCM-SHA384", + "ECDH-ECDSA-AES256-SHA384", + "ECDH-RSA-AES256-GCM-SHA384", + "ECDH-RSA-AES256-SHA384", + "ECDHE-ECDSA-AES256-GCM-SHA384", + "ECDHE-ECDSA-AES256-SHA384", + "ECDHE-RSA-AES256-GCM-SHA384", + "ECDHE-RSA-AES256-SHA384" + ]}, + {certfile,"test/config_schema_SUITE_data/certs/cert.pem"}, + {keyfile,"test/config_schema_SUITE_data/certs/key.pem"}, + {versions,['tlsv1.2','tlsv1.1']}]}]}], + []}, + {ssl_options_allow_poodle, "listeners.ssl.1 = 5671 ssl_allow_poodle_attack = true |