[erlang-questions] self signed certs problem

Wes James <>
Fri Oct 4 21:07:10 CEST 2013


I use this script to create the self-signed certs:

#!/bin/bash

if [ -a ./priv/ssl/cert.pem -o -a ./priv/ssl/key.pem ]
then

echo
echo "priv/ssl/cert.pem and/or priv/ssl/key.pem already exist."
echo "Delete priv/ssl/cert.pem or priv/ssl/key.pem to create new ones."
echo

else

mkdir -p priv/ssl
umask 077 && touch priv/ssl/key.pem priv/ssl/cert.pem
openssl genrsa 2048 > priv/ssl/key.pem
openssl req -new -x509 -nodes -sha1 -days 3650 -out priv/ssl/cert.pem -key
priv/ssl/key.pem < blank
echo
echo
echo "Done creating cert..."
echo

fi


the file "blank" has this text:

US
some-state
some-city
some-org
some-unit
some-host
some-address


-wes


On Fri, Oct 4, 2013 at 2:02 AM, Andreas Schultz <> wrote:

> Hi Wes,
>
> Chrome tries to validate the issuer and the CRL's for all certificates.
> When
> that fails, it will display an error page that looks much like a connection
> problem.
>
> Does the certificate contain a CRL or OSCP reference? And could you share a
> sample certificate that has this problem?
>
> Regards
> Andreas
>
> ----- Original Message -----
> > Somewhere along the line I've started having issues with self-signed
> certs.
> >
> > On xubuntu I've:
> >
> > recently upgraded chrome and firefox (both having issues)
> >
> > recently upgraded cowboy to master
> >
> > recently upgrade to 16B02 (compiled then installed)
> >
> > I'm having issues accessing sites on https now. I get an error from
> firefox,
> > but try to accept but get a security error. On chrome, it just says it
> can't
> > get to the site. I then tried opera. I have to confirm some boxes on
> opera,
> > but I can finally see the https sites.
> >
> > Anyone else having these issues?
> >
> > I've tried going back to 16B, but still have the issues so I'm not sure
> if it
> > is erlang. I've tried compiling code with 0.8.1 of cowboy with 16B, but
> > still have the same issues (where it was working fine before), so I'm not
> > sure where the problem is.
> >
> > Thanks,
> >
> > Wes
> >
> > _______________________________________________
> > erlang-questions mailing list
> > 
> > http://erlang.org/mailman/listinfo/erlang-questions
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20131004/ca889aa1/attachment.html>


More information about the erlang-questions mailing list