[erlang-questions] SSL client authentication help needed

Loïc Hoguin <>
Tue Oct 23 17:54:12 CEST 2012


On 10/23/2012 05:51 PM, Wes James wrote:
> Hi.
>
> On Tue, Oct 23, 2012 at 5:27 AM, Loïc Hoguin <
> <mailto:>> wrote:
>
>     Hello,
>
>     I am trying to set up client authentication on a website for
>     testing, but my knowledge of SSL is quite poor.
>
>     Can anyone give me clear steps to generate certificates and set
>     things up, or at least pinpoint me to resources that would help me
>     get started? Been trying for two days now and I'm kinda stuck.
>
>     Thanks!
>
>
> Not quite sure what you are doing.

Doing client authentication using SSL certificates (instead of digests 
or whatnot).

I just managed to get something working.

Client certificate is only requested if your SSL connection is 
configured with {verify, verify_peer}.

Then, for testing purposes, I also had to set a {verify_fun, FunInfo}, 
where the fun in FunInfo accepts self-signed certificates.

I'll document the whole process after I'm done with it.

-- 
Loïc Hoguin
Erlang Cowboy
Nine Nines
http://ninenines.eu



More information about the erlang-questions mailing list