[erlang-questions] erlang-questions] Inets and SSL

Steve Davis <>
Mon Feb 9 15:41:35 CET 2009


Thanks, Ingela. That would indeed explain it!

It did "feel" like a bug but I couldn't track it down exactly, so I
was using the principle of "it's you until you can prove otherwise".

Thanks for confirming, I will stop struggling :)

/s

On Feb 9, 2:38 am, Ingela Anderton Andin <>
wrote:
> Hi !
>
> Your are probably not doing anything dumb :)  This is a know bug that
> has been fixed
> and will be part of the upcoming release.
>
> The release note says:
>
> Ssl did not work correctly with the use of new style configuration due
> to an old internal format that was not
> changed correctly in all places.
>
> So a workaround would be to use old-style apache-like configuration
> files. ( I know that is not very appealing ;))
> or wait for R13 that is due in the end of Mars.
>
> Regards Ingela Erlang/OTP - Ericsson
>
>
>
>
>
> > Hi,
>
> > I'm having difficulty getting ssl to work with inets httpd, and would be
> > very grateful for input/help on this one!
>
> > The server starts fine, returns a pid. The port (443) is definitely open
> > and listening according to the OS net stats. However, a connection from
> > a browser just hangs with "connecting" (TIME_WAIT). It all just stays
> > that way unless I stop inets in which case the browser will immediately
> > report "page not available".
>
> > Everything works fine for standard ip_comm. Also, if I move the pem
> > files, then inets won't start (so I'm sure it can "see" them). Also
> > these same cert/key pem files work fine if they are used for ssl with
> > Nginx, so I'm sure they are not corrupt. Finally, it seems to make no
> > difference at all if I have the "actual" erlang ssl application started
> > or not.
>
> > Here's the bare bones startup in which I've been trying all variants I
> > can think of (including ssl's keyfile, certfile,
> > ssl_ca_certificate_file, etc etc).
>
> > start_ssl() ->
> >      inets:start(),
> >      {ok, Pid} = inets:start(httpd, [
> >          {port, 443},
> >          {server_name,"localhost"},
> >          {server_root,"./tmp"},
> >          {document_root,"./tmp/htdocs"},
> >          {bind_address, "localhost"},
> >          {socket_type, ssl},
> >          {ssl_verify_client, 0},
> >          {ssl_certificate_file, "../ssl/cacert.pem"},
> >          {ssl_certificate_key_file, "../ssl/cakey.pem"},
> >          {modules, [my_mod, mod_head, mod_get]},
> >          {mimetypes, [
> >              {"css", "text/css"},
> >              {"js", "text/javascript"},
> >              {"html", "text/html"}
> >          ]}
> >      ]),
> >      Pid.
>
> > I'm probably doing something dumb, so any observations would be very
> > much appreciated!
>
> _______________________________________________
> erlang-questions mailing list
> ://www.erlang.org/mailman/listinfo/erlang-questions



More information about the erlang-questions mailing list