[erlang-questions] SSL certificate's subject too long

Ingela Andin ingela.andin@REDACTED
Wed Jun 27 09:59:15 CEST 2012


2012/6/27, Loïc Hoguin <essen@REDACTED>:
> On 06/25/2012 10:27 PM, Ingela Andin wrote:
>> Hi!
>> 2012/6/25 Loďc Hoguin <essen@REDACTED>:
>>> Hey,
>>> I'm running into the exact issue described here:
>>> http://www.mentby.com/Group/rabbitmq-discuss/ssl-certificate-error.html
>>> The certificate I have has a too long Subject line and Erlang just fails
>>> when trying to load it. This is a RapidSSL certificate, with a CA. Not
>>> sure
>>> I can just modify the subject directly while keeping it valid (don't
>>> know
>>> how anyway).
>>> Does anyone know how I could manage to use this certificate? If I need
>>> to
>>> patch OTP, any pointers as to where this fails is more than welcome.
>>> Thanks.
>> The ecertfile is a backwards compatibility error code that you will
>> get if ssl has a problem reading the certfile.
>> It could be a file-error or a file-format error, or a bug in OTP
>> application public_key. So if you want to pinpoint the error you can
>> do:
>> {ok, PemBin} = file:read_file("Cert.pem").
>> PemEntries = public_key:pem_decode(Pembin).
>> public_key:pem_entry_decode(hd(PemEntries)).
> Getting {'RSAPrivateKey','two-prime', ...
> All entries decode fine too.
> What next?

All entries, is there more than one certificate entry?

You can try tracing?  (Use observer if you are not comfortable using
dbg-module directly)

Regards Ingela Erlang/OTP team - Ericsson AB

More information about the erlang-questions mailing list