bug in SSL-PKIX certificate parser

Fredrik Thulin <>
Tue Jun 28 21:42:57 CEST 2005


I've managed to create an invalid certificate that crashes Erlang when 
connecting to it. I was trying to create a certificate that was both a 
client and server, and ended up with a certificate that was neither ;).

Anyways, here is how to make the bug manifest itself, using R10B-6. 
Feel free to connect to the port 5061 at for testing 
purposes. I will leave the server with the invalid certificate there 
under my vacation, so if nothing happens to the server it should be 
there for a few weeks.

$ /pkg/erlang/R10B-6/bin/erl
Erlang (BEAM) emulator version 5.4.8 [source] [hipe]

Eshell V5.4.8  (abort with ^G)
1> application:start(ssl).
2> {ok, S} = ssl:connect("", 5061, []).
3> ssl:peercert(S, [subject, ssl]).

=ERROR REPORT==== 28-Jun-2005::21:37:25 ===
Error in process <0.30.0> with exit value: {{badmatch,{error,{asn1,

** exited: {{badmatch,{error,{asn1,{function_clause,
             {shell,eval_loop,3}]} **


More information about the erlang-questions mailing list