Bug in ssl_certificate.erl in R13B04

Jay jay@REDACTED
Sun May 2 07:35:20 CEST 2010


I came across to the same issue with the latest Yaws (yaws-1.88) together  
with R13B04. Access to HTTPS was totally denied.

I had two choices I'll do a quick hack to R13B04 or go back to R13B03. Of  
course, I chose the harder way.

I am quite sure this is not the right way to fix it, but it seems to work  
for now:

+++ ssl_certificate.erl
@@ -147,6 +147,13 @@
                       public_key:pkix_issuer_id(ErlCertCandidate, self);
                   false ->
                       find_issuer(OtpCert, Key)
+           end;
+       {Key, [{_Cert, ErlCertCandidate, not_encrypted}]} ->
+           case public_key:pkix_is_issuer(OtpCert, ErlCertCandidate) of
+               true ->
+                   public_key:pkix_issuer_id(ErlCertCandidate, self);
+               false ->
+                   find_issuer(OtpCert, Key)
               end
        end.

Best Regards,

Jay

Sisutec
http://www.sisutec.com.au




More information about the erlang-bugs mailing list