[erlang-questions] Inets and SSL

Steve Davis steven.charles.davis@REDACTED
Sun Feb 8 23:11:16 CET 2009


Hmmm a search of erlang-r12b5/lib for the atom ssl_certificate_file
only appears to show it in appearing in the source for httpd_conf...

...UMMMMM... is ssl actually implemented for inets?!?

The httpd user guide intro (4.1 of inets) says "The server implements
numerous features such as SSL (Secure Sockets Layer), ...", but I'm
struggling to see how!

I sure hope I have got this very very wrong somehow...

/s


On Feb 8, 9:04 am, Steve Davis <steven.charles.da...@REDACTED> wrote:
> Hi,
>
> I'm having difficulty getting ssl to work with inets httpd, and would be
> very grateful for input/help on this one!
>
> The server starts fine, returns a pid. The port (443) is definitely open
> and listening according to the OS net stats. However, a connection from
> a browser just hangs with "connecting" (TIME_WAIT). It all just stays
> that way unless I stop inets in which case the browser will immediately
> report "page not available".
>
> Everything works fine for standard ip_comm. Also, if I move the pem
> files, then inets won't start (so I'm sure it can "see" them). Also
> these same cert/key pem files work fine if they are used for ssl with
> Nginx, so I'm sure they are not corrupt. Finally, it seems to make no
> difference at all if I have the "actual" erlang ssl application started
> or not.
>
> Here's the bare bones startup in which I've been trying all variants I
> can think of (including ssl's keyfile, certfile,
> ssl_ca_certificate_file, etc etc).
>
> start_ssl() ->
>      inets:start(),
>      {ok, Pid} = inets:start(httpd, [
>          {port, 443},
>          {server_name,"localhost"},
>          {server_root,"./tmp"},
>          {document_root,"./tmp/htdocs"},
>          {bind_address, "localhost"},
>          {socket_type, ssl},
>          {ssl_verify_client, 0},
>          {ssl_certificate_file, "../ssl/cacert.pem"},
>          {ssl_certificate_key_file, "../ssl/cakey.pem"},
>          {modules, [my_mod, mod_head, mod_get]},
>          {mimetypes, [
>              {"css", "text/css"},
>              {"js", "text/javascript"},
>              {"html", "text/html"}
>          ]}
>      ]),
>      Pid.
>
> I'm probably doing something dumb, so any observations would be very
> much appreciated!
>
> /s
> _______________________________________________
> erlang-questions mailing list
> erlang-questi...@REDACTED://www.erlang.org/mailman/listinfo/erlang-questions



More information about the erlang-questions mailing list