[erlang-questions] TLS: signature algorithms extension
Roger Lipscombe
roger@REDACTED
Mon Feb 15 17:45:20 CET 2016
Does Erlang support the signature algorithms extension in TLS 1.2
(https://tools.ietf.org/html/rfc5246#section-7.4.1.4.1)?
Specifically, I've got two classes of client, one of which expects a
SHA1-signed certificate, and one of which expects a SHA256-signed
certificate.
It appears that 'certfile' can only be specified once, and -- in
testing -- it appears that the file can contain only one server
certificate.
Can we use Erlang SSL (via ranch, if it matters) to serve a different
certificate based on the signature algorithms extension sent by the
client (or, if absent, a default)?
More information about the erlang-questions
mailing list