[erlang-questions] cipher negotiation problem in SSL application when using PFS only
Bernd May
bm@REDACTED
Fri Jan 30 11:38:17 CET 2015
Hi,
On 23.01.2015 17:22, Ingela Andin wrote:
> You can use
>
> io:format("~p", [ssl:cipher_suites(openssl)]).
> io:format("~p", [ssl:cipher_suites(erlang)]).
Thanks, this allowed me to check the cipher suites again but so far I
have not found any difference. the output shows that erlang is supposed
to support the dhe cipher I want to use. Unfortunately the common
cipherlist in the tls_handshake:hello() is empty :-/
I have added a debug trace for further debugging:
http://pastebin.com/dayy06L2
Also I have noticed that this seems to be a problem of the R16B03
Erlang. if I use Erlang 17.4 as server and client it works. I had tested
it before with an R16B03 server and a 17.4 client , which didn't work. I
have also tested it with a 17.4 server now and a R16B03 client and that
also works.
seems I ahve to find out what changed in the ssl code between these
versions and then patch it step by step to track down the problem.
Regards,
--
Bernd May
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20150130/ec040077/attachment.bin>
More information about the erlang-questions
mailing list