new ssl vs embedded mode

Doug Fort <>
Fri Dec 11 16:16:07 CET 2009

Our company (SpiderOak) is developing an SSL proxy in Erlang. We have
discovered that the new ssl implementation {ssl_imp, new} is much more
efficient for our purposes than the standard ssl.

Everything works fine in interactive mode, but when we try to run the
release in embedded mode we fail trying to read the certificate:

SSL: 995: error:{badmatch,{error,undef}} [{ssl_manager,cache_pem_file,1},
{ssl_certificate, file_to_certificats,1},
{ssl_connection,init_certificates,4}, {ssl_connection,ssl_init,2},
{ssl_connection,init,1}, {gen_fsm,init_it,6}, {proc_lib,init_p_do_apply,3}]

AFAIK the ssl_manager is not used by new_ssl.

If we comment out the {ssl_imp, new} in ssl:listen, once again everything
works fine.

So my question is: is it just too early to mess with new_ssl, or is there
some way to work around this?


Doug Fort, Consulting Programmer
Sent from Arlington, VA, United States

More information about the erlang-questions mailing list