[erlang-questions] {tls_alert,"handshake failure"}

Alex Hudich <>
Wed Mar 4 09:34:54 CET 2015


OTP 17 and OTP 17.4

I solved it by passing {depth,2} option, but it still seems strange to me that google.com <http://google.com/> requires that option also and error message is incoherent an unrelated to the  certificate check error.


> 3 марта 2015 г., в 14:32, Lukas Winkler <> написал(а):
> 
> what erlang version are you running on?
> 
> On 2 March 2015 at 21:46, Alex Hudich <> wrote:
>> Hi
>> 
>> I’ve got some strange errors when I try to make SSL connection to a web-site with peer verification on.
>> 
>> Here’s an example:
>> 
>> I’ve downloaded PEM certificates from https://raw.githubusercontent.com/bagder/ca-bundle/master/ca-bundle.crt
>> 
>> Then I start erl and run a command ssl:start().
>> 
>> Then I try to connect somewhere (I renamed ca-bundle.crt file to a cacert.pem):
>> 
>> 2>  ssl:connect( "t.ileads.ru", 443, [{verify,verify_peer},{cacertfile,"cacert.pem"}]).
>> 
>> =ERROR REPORT==== 2-Mar-2015::23:32:15 ===
>> SSL: certify: ssl_handshake.erl:1403:Fatal error: handshake failure
>> {error,{tls_alert,"handshake failure"}}
>> 
>> 
>> Without peer verification everything went ok.
>> 
>> What’s wrong? Or maybe I do something wrong?
>> 
>> --
>> cul8er, Alex.
>> _______________________________________________
>> erlang-questions mailing list
>> 
>> http://erlang.org/mailman/listinfo/erlang-questions

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20150304/9bb5146d/attachment.html>


More information about the erlang-questions mailing list