[erlang-questions] Cowboy SSL issues with Chrome/FF
James Lyons
james.penguins@REDACTED
Fri Jan 10 17:41:08 CET 2014
Ingela, Andreas,
Thanks for your responses. I actually just found someone else who asked the same question a week ago (which Andreas answered), sorry for the duplication. New to the mailing list.
http://erlang.org/pipermail/erlang-questions/2014-January/076385.html
Thanks!
--
James Lyons
On Friday, January 10, 2014 at 4:35 AM, Andreas Schultz wrote:
> Hi,
>
> Also, R16B03 will attempt to use a curve in ECDHE exchanges that is not
> supported by Chrome. Either exclude all ECDHE ciphers from the cipher list
> or apply the change from https://github.com/erlang/otp/pull/183
>
> Andreas
>
> ----- Original Message -----
> > Hi!
> >
> > This is problem is resolved in the latest version of the ssl application. The
> > reason it works with some browser and not with others is that some browsers
> > does not correctly ignore unknown ssl hello extensions, and the erlang ssl
> > application sent an incorrect extension (which of course it should not) but
> > a correct SSL/TLS implementation will ignored it!
> > 1.1 SSL 5.3.2
> > Fixed Bugs and Malfunctions
> >
> >
> > *
> >
> > Honors the clients advertised support of elliptic curves and no longer sends
> > incorrect elliptic curve extension in server hello.
> >
> > Own Id: OTP-11370
> >
> > Regards Ingela Erlang/OTP team - Ericsson AB
> >
> >
> > 2014/1/9 James Lyons < james.penguins@REDACTED (mailto:james.penguins@REDACTED) >
> >
> >
> >
> > Using certificates from StartSSL and GoGetSSL, cowboy site fails to load on
> > Chrome v31 with "ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED" on mac & ubuntu and
> > FF v26 with "Error code: sec_error_invalid_key" on mac and ubuntu.
> >
> > Site will load in Safari properly and certificate shows as valid.
> >
> > Anyone seen this behavior before?
> >
> > Thanks!
> >
> > --
> > James Lyons
> >
> >
> > _______________________________________________
> > erlang-questions mailing list
> > erlang-questions@REDACTED (mailto:erlang-questions@REDACTED)
> > http://erlang.org/mailman/listinfo/erlang-questions
> >
> >
> >
> > _______________________________________________
> > erlang-questions mailing list
> > erlang-questions@REDACTED (mailto:erlang-questions@REDACTED)
> > http://erlang.org/mailman/listinfo/erlang-questions
> >
>
>
> --
> --
> Dipl. Inform.
> Andreas Schultz
>
> email: as@REDACTED (mailto:as@REDACTED)
> phone: +49-391-819099-224
> mobil: +49-170-2226073
>
> ------------------- enabling your networks -------------------
>
> Travelping GmbH phone: +49-391-819099229
> Roentgenstr. 13 fax: +49-391-819099299
> D-39108 Magdeburg email: info@REDACTED (mailto:info@REDACTED)
> GERMANY web: http://www.travelping.com
>
> Company Registration: Amtsgericht Stendal Reg No.: HRB 10578
> Geschaeftsfuehrer: Holger Winkelmann | VAT ID No.: DE236673780
> --------------------------------------------------------------
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20140110/ce63a203/attachment.htm>
More information about the erlang-questions
mailing list