[erlang-questions] self signed certs problem
Wes James
comptekki@REDACTED
Fri Oct 4 16:48:09 CEST 2013
How would I do this in the .app.src?
I have:
{application, dbswui, [
{description, "database search web ui."},
{vsn, "0.1.0"},
{modules, []},
{registered, []},
{applications, [
kernel,
stdlib,
crypto,
public_key,
cowlib,
cowboy,
ssl
]},
{mod, {dbswui_app, []}},
{env, []}
]}.
I have this from a previous email from you on list.
{ciphers, [{dhe_rsa,aes_256_cbc,sha256},
{dhe_dss,aes_256_cbc,sha256},
{rsa,aes_256_cbc,sha256},
{dhe_rsa,aes_128_cbc,sha256},
{dhe_dss,aes_128_cbc,sha256},
{rsa,aes_128_cbc,sha256},
{dhe_rsa,aes_256_cbc,sha},
{dhe_dss,aes_256_cbc,sha},
{rsa,aes_256_cbc,sha},
{dhe_rsa,'3des_ede_cbc',sha},
{dhe_dss,'3des_ede_cbc',sha},
{rsa,'3des_ede_cbc',sha},
{dhe_rsa,aes_128_cbc,sha},
{dhe_dss,aes_128_cbc,sha},
{rsa,aes_128_cbc,sha},
{rsa,rc4_128,sha},
{rsa,rc4_128,md5},
{dhe_rsa,des_cbc,sha},
{rsa,des_cbc,sha}]}
I tried to put this in the env [] list, but it didn't help.
Thanks,
Wes
On Fri, Oct 4, 2013 at 1:44 AM, Ingela Andin <ingela.andin@REDACTED> wrote:
> Hi Wes!
>
> I have heard from several sources that they have problems connecting with
> Firefox and Chrome
> when Elliptic curve cipher suites are enabled. Elliptic curve ciphers
> where first supported at all in R16 and are by default enabled, although
> will not be used if the client does not claim to be able to use them.
> It does seem though that other clients can connect like curl, s_client
> (openssl), some python client and now opera. I also know that some ECC
> ciphers are broken in openssl version 1.0.0 and 1.0.0.a.
> So it seems like it is a client problem that you may workaround by
> disabling Elliptic Curve cipher suites
> until the clients get fixed. Also R16B02 fixes an ECC bug so R16B will not
> be better then R16B02, going
> back to R15 will work as the ECC ciphers where not supported at all, but I
> can see other reasons you would not want to do that.
>
> Regards Ingela Erlang/OTP team - Ericsson AB
>
>
>
>
> 2013/10/4 Wes James <comptekki@REDACTED>
>
>> Somewhere along the line I've started having issues with self-signed
>> certs.
>>
>> On xubuntu I've:
>>
>> recently upgraded chrome and firefox (both having issues)
>>
>> recently upgraded cowboy to master
>>
>> recently upgrade to 16B02 (compiled then installed)
>>
>> I'm having issues accessing sites on https now. I get an error from
>> firefox, but try to accept but get a security error. On chrome, it just
>> says it can't get to the site. I then tried opera. I have to confirm some
>> boxes on opera, but I can finally see the https sites.
>>
>> Anyone else having these issues?
>>
>> I've tried going back to 16B, but still have the issues so I'm not sure
>> if it is erlang. I've tried compiling code with 0.8.1 of cowboy with 16B,
>> but still have the same issues (where it was working fine before), so I'm
>> not sure where the problem is.
>>
>> Thanks,
>>
>> Wes
>>
>> _______________________________________________
>> erlang-questions mailing list
>> erlang-questions@REDACTED
>> http://erlang.org/mailman/listinfo/erlang-questions
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20131004/b3fc36e1/attachment.htm>
More information about the erlang-questions
mailing list