[erlang-questions] SSL client verification for self-signed certificates
Dmitry Russ
dmitry.a.russ@REDACTED
Tue Jan 26 10:40:53 CET 2016
Hi,
I try to check client certificate verification using selfsigned server
certificates.
I try to use it:
ssl:connect("localhost", 8443, [binary, {verify, verify_peer}, {cacertfile,
"cert.pem"}], 60000)
> {:error, {:tls_alert, 'bad certificate'}}
After tracing, I got:
public_key.pkix_path_validation/3 -> {error, {bad_cert, selfsigned_peer}}
If I try to exclude this error, by rewriting verify fun, which allow for
this error to be a valid certificate, than all selfsigned certificates
simply accepted, it doesn't check it anymore.
Is it possible somehow to verify server self-signed certificate?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20160126/9111d15c/attachment.htm>
More information about the erlang-questions
mailing list