[erlang-questions] SSL: "unknown ca"

e <>
Sat Jan 31 22:14:28 CET 2015


On 01/31/2015 10:06 PM, Imants Cekusins wrote:
>> By default SSL gives you secure connections, that means both encryption and authentication.
>
> does this authentication feature necessitate a third party CA?

no. (and this is why i am puzzled)
it involves my own CA and one cert signed by this CA
and both of these certs are perfectly verifiable by openssl (as called 
from the command line)

(i even bothered to ensure trustworthiness of my CA with the system's 
openssl)

and i supply these certs to the erlang's ssl the following way:
{cacertfile, Dir ++ "ca.crt"},
{certfile, Dir ++ "server.crt"},
{keyfile, Dir ++ "server.key"}
% No other options

where: server.crt = concatenation of ca.crt my.crt


More information about the erlang-questions mailing list