Still problems with new SSL?

Steve Davis <>
Sun Jul 11 18:22:48 CEST 2010


Can anyone make the code below (specifically against https://www.google.com)
work for

ssltest:run(new)?

I'm using the key.pem and cert.pem copied from ERLANG_HOME/lib/ssl-4.0/
examples/certs/etc/client

My results are:
2> ssltest:run(old).
{ok,<<"HTTP/1.1 200 OK\r\nDate: Sun, 11 Jul 2010 16:20:13 GMT\r
\nExpires: -1\r\nCache-Control: private, max-age=0\r\nConten"...>>}
3> ssltest:run(new).

=ERROR REPORT==== 11-Jul-2010::11:20:17 ===
SSL: decipher_error: ./ssl_record.erl:680:Fatal error: bad record mac
{error,"bad record mac"}
4>

----- module ssltest.erl ------
-module(ssltest).

-export([run/1]).

-define(HOST, "www.google.com").
-define(PORT, 443).
-define(REQUEST,
	<<"GET / HTTP/1.1\r\n",
	"Connection: close\r\n",
	"User-Agent: Mozilla/5.0 (Windows NT 5.1; en-US) Test/1.0.0\r\n",
	"Accept: application/xml,application/xhtml+xml,text/html;q=0.9,text/
plain;q=0.8,image/png,*/*;q=0.5\r\n",
	"Accept-Language: en-US,en;q=0.8\r\n",
	"Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3\r\n",
	"\r\n">>).

run(Impl) when Impl =:= old; Impl =:= new ->
	Opts = [binary, {ip, {0, 0, 0, 0}}, {active, false}, {packet, 0},
		{ssl_imp, Impl}, {verify, 0}, {depth, 1},
		{keyfile, "./key.pem"},
		{certfile, "./cert.pem"}],
	ssl:start(),
	{ok, Socket} = ssl:connect(?HOST, ?PORT, Opts),
	ok = ssl:send(Socket, ?REQUEST),
	catch ssl:recv(Socket, 0, 10000).


More information about the erlang-questions mailing list