[erlang-questions] SSL Client CA Certs/chain validation

Eric Meadows-Jönsson eric.meadows.jonsson@REDACTED
Thu Jul 23 03:15:22 CEST 2015

I maintain a http client using httpc as part of the Hex package manager and
have been trying to do proper HTTPS connections with it. In my experience
there is a lot of things you have to implement yourself if you want to do
it correctly and I have had many of the same questions you have. Many
things are still not clear for me but hopefully I can answer some of your
questions. I am going to be linking to Elixir code but I think it will be
easy for an Erlang programmer to understand it.

These are the SSL options I use:

Interesting options are `verify_fun`, Erlang doesn't seem to support
hostname verification so I use an Elixir port of
https://github.com/deadtrickster/ssl_verify_hostname.erl for that, many
thanks to Ilya Khaprov for creating that library. I pass in a CA
certificate store via `cacerts`, it is generated from Mozilla's store with
curl's mk-ca-bundle tool http://curl.haxx.se/docs/mk-ca-bundle.html, you
can see how it is called here:

Finally, unless you implement the `partial_chain` function many websites
wont work because they do not send a complete certificate chain.
Disclaimer: I do not know the correct (and secure) way to implement this
function, I even received a security bug report recently
https://github.com/hexpm/hex/issues/108 because the old implementation was
even more wrong. As you can see from the linked issue we are still not
confident that this is a correct implementation. Reviews of this function
from the OTP team or someone intimate with Erlang SSL would be very much

There are also the new options for SNI in OTP 18 which I have not
implemented yet.

As you can tell there is a lot of code you have to write yourself and
Erlang's ssl application does not have very exhaustive documentation or any
guides at all AFAICT, so it is very hard to implement this without any bugs
exposing security holes and I am not very confident in my own code because
of this.

On Thu, Jul 23, 2015 at 2:28 AM, Kaiduan Xie <kaiduanx@REDACTED> wrote:

> The following articles explain thing very clearly,
> http://security.stackexchange.com/questions/59566/ssl-certificate-chain-verification
> http://security.stackexchange.com/questions/56389/ssl-certificate-framework-101-how-does-the-browser-actually-verify-the-validity
> /Kaiduan
> On Wed, Jul 22, 2015 at 7:35 PM, Geoff Cant <nem@REDACTED> wrote:
> > Hi all, I’m wondering if anyone has written a guide (or can link to
> example code) showing how they use OTP’s SSL library to connect to
> arbitrary TLS servers on the internet with x.509 cert chain validation.
> >
> > I know the default SSL library option is ‘verify_none’, and that there
> is a ‘cacertfile’ option, but a) it’s 2015 and you should verify cert
> chains, and b) are people really bundling all the standard public CA certs
> into a single giant cacertfile? If you are bundling say all of ubuntu’s
> /etc/certs, do you have any tooling for this (cat /etc/certs/*.pem >>
> get_me_everyone.cacerts)? Am I missing something and OTP automatically uses
> the contents of /etc/certs ?
> >
> > Also, are people writing utility libraries/code to wrap ssl:* in order
> to setup the connect/listen options they use? (I know I wrote one to do
> certificate pinning)
> >
> >
> > I’m generally curious about your OTP ssl client use - particularly
> around cert chain validation.
> >
> > Cheers,
> > -Geoff
> > _______________________________________________
> > erlang-questions mailing list
> > erlang-questions@REDACTED
> > http://erlang.org/mailman/listinfo/erlang-questions
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions

Eric Meadows-Jönsson
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20150723/1d81e851/attachment.htm>

More information about the erlang-questions mailing list