[erlang-bugs] possible bug in ssl and/or public_key module (R13 and R14)

Lichtinger, Bernhard <>
Fri Sep 17 10:15:05 CEST 2010


You have to add the ssloption {depth,3} in this case, as "couchdb.staging.one.ubuntu.com" has a certificate chain of depth 3 and default depth is 1. 
>    Options = [
>                {ssl_imp, new},
>                binary,
>                {nodelay, true},
>                {active, false},
>                {verify, verify_none},
>                % {verify_fun, fun(_) -> true end},
>    ],

The "SSL: certify_certificate: ./ssl_handshake.erl:502:Fatal error: handshake
failure" results of reaching the maximum depth in certificate chain check and if the certificate at the maximum depth is not from a CA, the certificate check returns an error and the ssl handshake fails.

Bernhard Lichtinger

More information about the erlang-bugs mailing list