[erlang-questions] SSL Errors with R16B

Eric Boyer <>
Tue Jun 4 15:34:09 CEST 2013


Aaron,

You might want to make sure that you have the ASN.1 module code loaded. I
have had an issue before where my build didn't include it and SSL would
give those tls_alert issues. R15B worked fine, but when it wasn't in R16 it
would give errors.

Eric


On Fri, May 31, 2013 at 5:48 AM, Aaron France <>wrote:

> Hi,
>
> The code works fine on 15B, I know how to use the post. Please read what I
> am typing :)
>
> When I say "it doesn't work", I of course mean the error in the OP.
>
> Regards,
> Aaron
>
>
> On Fri, May 31, 2013 at 11:47 AM, Bogdan Andu <> wrote:
>
>> what does tit mean "it doesn't work for me"?
>>
>> you can POST a Body of data to an Url  like this:
>>
>> httpc:request(post, {"
>> https://region-b.geo-1.identity.hpcloudsvc.com:35357/",
>>                       [{"Content-Length", ContentLength}],
>>                       ContentType,
>>                       Body},
>>                  [], []).
>>
>> you have to make the Body and compute the length of the Body yourself.
>>
>> Best Regards and good luck
>>
>> Bogdan
>>
>>
>> On Fri, May 31, 2013 at 12:30 PM, Aaron France <>wrote:
>>
>>> Right, but it doesn't work for me. It's also an endpoint where you need
>>> to post/get w/ specific bodies, perhaps that's getting in the way?
>>>
>>>
>>> On Fri, May 31, 2013 at 11:25 AM, Bogdan Andu <> wrote:
>>>
>>>> it works!
>>>>
>>>>
>>>> On Fri, May 31, 2013 at 12:17 PM, Aaron France <
>>>> > wrote:
>>>>
>>>>> What's this telling you?
>>>>>
>>>>>
>>>>> On Fri, May 31, 2013 at 11:02 AM, Bogdan Andu <>wrote:
>>>>>
>>>>>>
>>>>>> Tried this:
>>>>>>
>>>>>> $ erl
>>>>>> Erlang R16B (erts-5.10.1) [source] [64-bit] [smp:2:2]
>>>>>> [async-threads:10] [kernel-poll:false]
>>>>>>
>>>>>>
>>>>>> Eshell V5.10.1  (abort with ^G)
>>>>>> 1> inest:start().
>>>>>> ** exception error: undefined function inest:start/0
>>>>>> 2> inets:start().
>>>>>> ok
>>>>>> 3> ssl:start().
>>>>>> ok
>>>>>> 4> httpc:request("
>>>>>> http://region-b.geo-1.identity.hpcloudsvc.com:35357/").
>>>>>> {error,socket_closed_remotely}
>>>>>> 5> httpc:request("
>>>>>> https://region-b.geo-1.identity.hpcloudsvc.com:35357/").
>>>>>>
>>>>>> {ok,{{"HTTP/1.1",200,"OK"},
>>>>>>      [{"cache-control","no-cache"},
>>>>>>       {"date","Fri, 31 May 2013 08:59:44 GMT"},
>>>>>>
>>>>>>       {"pragma","no-cache"},
>>>>>>       {"server","Apache-Coyote/1.1"},
>>>>>>       {"content-length","1080"},
>>>>>>       {"content-type","application/json"},
>>>>>>       {"expires","-1"}],
>>>>>>      "{\n  \"versions\" : {\n    \"otherAttributes\" : {\n    },\n
>>>>>> \"version\" : [ {\n      \"id\" : \"v1.0\",\n      \"otherAttributes\" :
>>>>>> {\n      },\n      \"status\" : \"DEPRECATED\",\n      \"updated\" :
>>>>>> \"2012-06-20T08:59:45.110Z\"\n    }, {\n      \"id\" : \"v1.1\",\n
>>>>>> \"link\" : [ {\n        \"href\" : \"
>>>>>> https://docs.hpcloud.com/api/identity\",\n        \"rel\" :
>>>>>> \"describedby\",\n        \"type\" : \"text/html\"\n      } ],\n
>>>>>> \"otherAttributes\" : {\n      },\n      \"status\" : \"CURRENT\",\n
>>>>>> \"updated\" : \"2012-06-20T08:59:45.110Z\"\n    }, {\n      \"id\" :
>>>>>> \"v2.0\",\n      \"link\" : [ {\n        \"href\" : \"
>>>>>> https://docs.hpcloud.com/api/identity\",\n        \"rel\" :
>>>>>> \"describedby\",\n        \"type\" : \"text/html\"\n      } ],\n
>>>>>> \"otherAttributes\" : {\n      },\n      \"status\" : \"CURRENT\",\n
>>>>>> \"updated\" : \"2012-06-20T08:59:45.110Z\"\n    }, {\n      \"id\" :
>>>>>> \"v3.0\",\n      \"link\" : [ {\n        \"href\" : \"
>>>>>> https://docs.hpcloud.com/api/identity\",\n        \"rel\" :
>>>>>> \"describedby\",\n        \"type\" : \"text/html\"\n      } ],\n
>>>>>> \"otherAttributes\" : {\n      },\n      \"status\" : \"BETA\",\n
>>>>>> \"updated\" : \"2013-04-25T08:59:45.110Z\"\n    } ]\n  }\n}"}}
>>>>>> 6>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Fri, May 31, 2013 at 10:28 AM, Aaron France <
>>>>>> > wrote:
>>>>>>
>>>>>>> Hi,
>>>>>>>
>>>>>>> I'm using httpc, so I tried:     httpc:set_options([{socket,
>>>>>>> {verify, verify_none}}]). and I still receive the same error.
>>>>>>>
>>>>>>> That's correct? If not; let me know. Thanks!
>>>>>>>
>>>>>>> Regards,
>>>>>>> Aaron
>>>>>>>
>>>>>>>
>>>>>>> On Fri, May 31, 2013 at 9:19 AM, Bogdan Andu <>wrote:
>>>>>>>
>>>>>>>> may be the ssl stack  changed a bit and some defaults parameters.
>>>>>>>>
>>>>>>>> you may try to pass the ssl option {verify, verify_none} to
>>>>>>>> ssl:connect function and see what happens.
>>>>>>>>
>>>>>>>> Bogdan
>>>>>>>>
>>>>>>>>
>>>>>>>> On Thu, May 30, 2013 at 10:17 PM, Aaron France <
>>>>>>>> > wrote:
>>>>>>>>
>>>>>>>>> Hi,
>>>>>>>>>
>>>>>>>>> But why is it working on R15B? Is the ssl code basically broken on
>>>>>>>>> R15B?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Thu, May 30, 2013 at 9:12 PM, <> wrote:
>>>>>>>>>
>>>>>>>>>> Hello,
>>>>>>>>>>
>>>>>>>>>> verify the output of the command:
>>>>>>>>>>
>>>>>>>>>> $ openssl s_client -connect
>>>>>>>>>> region-b.geo-1.identity.hpcloudsvc.com:35357
>>>>>>>>>> ogdan
>>>>>>>>>> it seems that there is a certificate self signed.
>>>>>>>>>>
>>>>>>>>>> May be a solution is to disable certificate verification on peer
>>>>>>>>>> and see what happens.
>>>>>>>>>>
>>>>>>>>>> Bogdan
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Thursday, May 30, 2013 5:43:04 PM UTC+3, Aaron France wrote:
>>>>>>>>>>>
>>>>>>>>>>> Hi,
>>>>>>>>>>>
>>>>>>>>>>> I'm trying to make HTTPS calls to an API.
>>>>>>>>>>>
>>>>>>>>>>> My stack trace is:
>>>>>>>>>>>
>>>>>>>>>>> SSL: certify: ssl_handshake.erl:263:Fatal error: certificate
>>>>>>>>>>> unknown
>>>>>>>>>>> ** exception error: no match of right hand side value
>>>>>>>>>>>                     {error,
>>>>>>>>>>>                         {failed_connect,
>>>>>>>>>>>                             [{to_address,
>>>>>>>>>>>                                  {"region-b.geo-1.identity.**
>>>>>>>>>>> hpcloudsvc.com <http://region-b.geo-1.identity.hpcloudsvc.com>
>>>>>>>>>>> ",35357}},
>>>>>>>>>>>                              {inet,[inet],{tls_alert,"**certificate
>>>>>>>>>>> unknown"}}]}}
>>>>>>>>>>>      in function  herp_identity:login/3 (src/herp_identity.erl,
>>>>>>>>>>> line 9)
>>>>>>>>>>>
>>>>>>>>>>> I've looked at some other issues which point it to being a
>>>>>>>>>>> regression in R16B and I've reverted to R15 and the issue is non-existent.
>>>>>>>>>>>
>>>>>>>>>>> Any tips on getting around this or will it require a patch in
>>>>>>>>>>> R16B? The bug is still evident in HEAD so possibly not enough data has been
>>>>>>>>>>> gathered about it.
>>>>>>>>>>>
>>>>>>>>>>> Regards,
>>>>>>>>>>> Aaron
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> erlang-questions mailing list
>>>>>>>>>> 
>>>>>>>>>> http://erlang.org/mailman/listinfo/erlang-questions
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
> _______________________________________________
> erlang-questions mailing list
> 
> http://erlang.org/mailman/listinfo/erlang-questions
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20130604/f76158b2/attachment.html>


More information about the erlang-questions mailing list