[erlang-questions] SSL: "unknown ca"
Sat Jan 31 02:54:54 CET 2015
On 2015年1月31日 土曜日 02:41:35 e@REDACTED wrote:
> On 01/31/2015 02:37 AM, zxq9 wrote:
> > On 2015年1月31日 土曜日 02:13:39 e@REDACTED wrote:
> >> On 01/31/2015 02:09 AM, PAILLEAU Eric wrote:
> >>>> trusted by WHOM?
> >>>> what particular application makes a decision to throw me an error?
> >>> Trusted by you for sure.
> >> pardon me, i think puns are not very productive.
> >>> The error is raised by openssl.
> >> well, i guess there MUST BE a way to suppress this "wise" behavior.
> >> is there any docs, describing relations between erlang's "ssl" and
> >> openssl? how is it called? when? and what options are fed to openssl?
> >> maybe there is plain and simple switch "do not verify"?
> > This has been the reality sand in the CA pudding since the beginning.
> > You have a choice: verify every CA yourself (which pretty much relegates
> > you to only using CAs you or people you actually know generate), or trust
> > the general bundle that groups like OpenSSL, Mozilla, Google, Microsoft,
> > etc. generally trust together.
> You missed one important option: I shall trust MYSELF and it is exactly
> my case.
> i do not want my own certificate to be validated against my own authority.
> you see?
These two sentences are so perfectly misconstructed in the context of this
discussion that I'm having serious doubts as to your intent.
More information about the erlang-questions