[erlang-questions] new ssl vs embedded mode

Dan Gudmundsson <>
Sat Dec 12 00:31:33 CET 2009

On Fri, Dec 11, 2009 at 4:16 PM, Doug Fort <> wrote:
> Our company (SpiderOak) is developing an SSL proxy in Erlang. We have
> discovered that the new ssl implementation {ssl_imp, new} is much more
> efficient for our purposes than the standard ssl.

Cool we have done something right then.

> Everything works fine in interactive mode, but when we try to run the
> release in embedded mode we fail trying to read the certificate:
> SSL: 995: error:{badmatch,{error,undef}} [{ssl_manager,cache_pem_file,1},
> {ssl_certificate, file_to_certificats,1},
> {ssl_connection,init_certificates,4}, {ssl_connection,ssl_init,2},
> {ssl_connection,init,1}, {gen_fsm,init_it,6}, {proc_lib,init_p_do_apply,3}]
> AFAIK the ssl_manager is not used by new_ssl.

And we seem to have done some bad things as well.

> If we comment out the {ssl_imp, new} in ssl:listen, once again everything
> works fine.
> So my question is: is it just too early to mess with new_ssl, or is there
> some way to work around this?

It should be ok for usage now, I don't have any known faults prior to this one.
But I have not much feedback either.

I'll take a look at the problem next week, I will not debug ssl on
Friday night :-)


> Thanks
> --
> Doug Fort, Consulting Programmer
> http://www.dougfort.com
> Sent from Arlington, VA, United States

More information about the erlang-questions mailing list