[erlang-questions] self signed certs problem

Ingela Andin <>
Fri Oct 4 20:47:15 CEST 2013


Hi Christopher!

Would it be possible for you to create an example self-signed cert that
fails and that you could send to me?

Regards Ingela Erlang/OTP team - Ericsson AB


2013/10/4 Christopher Meiklejohn <>

> Hi Ingela,
>
> We've also been experiencing what seems to be the same problem using
> self-signed certificates.  I've verified that the same certificates, while
> producing a CA certificate error in R15B03 works, but fails to connect in
> R16B02 with no error in any logs.
>
> - Chris
>
> --
> Christopher Meiklejohn
> Software Engineer
> Basho Technologies, Inc.
>
>
>
> On Friday, October 4, 2013 at 2:44 AM, Ingela Andin wrote:
>
> > Hi Wes!
> >
> > I have heard from several sources that they have problems connecting
> with Firefox and Chrome
> > when Elliptic curve cipher suites are enabled. Elliptic curve ciphers
> where first supported at all in R16 and are by default enabled, although
> will not be used if the client does not claim to be able to use them.
> > It does seem though that other clients can connect like curl, s_client
> (openssl), some python client and now opera. I also know that some ECC
> ciphers are broken in openssl version 1.0.0 and 1.0.0.a.
> > So it seems like it is a client problem that you may workaround by
> disabling Elliptic Curve cipher suites
> > until the clients get fixed. Also R16B02 fixes an ECC bug so R16B will
> not be better then R16B02, going
> > back to R15 will work as the ECC ciphers where not supported at all, but
> I can see other reasons you would not want to do that.
> >
> > Regards Ingela Erlang/OTP team - Ericsson AB
> >
> >
> >
> >
> > 2013/10/4 Wes James < (mailto:)>
> > > Somewhere along the line I've started having issues with self-signed
> certs.
> > >
> > > On xubuntu I've:
> > >
> > > recently upgraded chrome and firefox (both having issues)
> > >
> > > recently upgraded cowboy to master
> > >
> > > recently upgrade to 16B02 (compiled then installed)
> > >
> > > I'm having issues accessing sites on https now. I get an error from
> firefox, but try to accept but get a security error. On chrome, it just
> says it can't get to the site. I then tried opera. I have to confirm some
> boxes on opera, but I can finally see the https sites.
> > >
> > > Anyone else having these issues?
> > >
> > > I've tried going back to 16B, but still have the issues so I'm not
> sure if it is erlang. I've tried compiling code with 0.8.1 of cowboy with
> 16B, but still have the same issues (where it was working fine before), so
> I'm not sure where the problem is.
> > >
> > > Thanks,
> > >
> > > Wes
> > >
> > > _______________________________________________
> > > erlang-questions mailing list
> > >  (mailto:)
> > > http://erlang.org/mailman/listinfo/erlang-questions
> >
> >
> > _______________________________________________
> > erlang-questions mailing list
> >  (mailto:)
> > http://erlang.org/mailman/listinfo/erlang-questions
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20131004/12398e7d/attachment.html>


More information about the erlang-questions mailing list