Hi,
first of all, you should not trust everything what is written on some random website looking for clicks. Always look at official documentation. TLS 1.3 is not supported on Windows 10 as explained here https://learn.microsoft.com/en-us/dotnet/framework/network-programming/tls#tls-support-in-net-framework and here https://learn.microsoft.com/en-us/windows/win32/secauthn/protocols-in-tls-ssl--schannel-ssp-#tls-protocol-version-support and here https://www.rabbitmq.com/docs/ssl#tls-version-support-in-jdk-and-net .
Second, RabbitMQ Docker image doesn’t come with TLS preconfigured so somebody configured that image for you, probably by just copy/pasting random configuration from here https://www.rabbitmq.com/docs/ssl#tls1.3 . If you want to allow TLS 1.2 setting:
ssl_options.versions.1 = tlsv1.3
ssl_options.versions.2 = tlsv1.2
should do the trick (though you will need to repeat this configuration for management plugin if used).
I’m guessing it doesn’t work for you because you also need to add proper ciphers which can be used by TLS 1.2. As explained on the same page, TLS 1.3 and TLS 1.2 do not share any ciphers.
And lastly, don’t mess around with SSL settings in the .NET app. Default configuration of “None” is enough in most cases. It will use the highest available TLS version from the OS.
Hope this helps.
--
Vilius
--
You received this message because you are subscribed to the Google Groups "rabbitmq-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
rabbitmq-user...@googlegroups.com.
To view this discussion on the web, visit
https://groups.google.com/d/msgid/rabbitmq-users/7e2eddea-4644-4d2f-99b7-3112edb0ededn%40googlegroups.com.
One more thing. If you want to keep just TLS 1.2 and TLS 1.3 (which is the default for recent Erlang versions), just remove ssl_options.versions completely. Enabling SSL listener and specifying certificates should be enough. More advanced TLS options are for… advanced specific configurations.
--
Vilius
To view this discussion on the web, visit https://groups.google.com/d/msgid/rabbitmq-users/AM8PR01MB7699FF7DB483427FBCDFBFC792DD2%40AM8PR01MB7699.eurprd01.prod.exchangelabs.com.