[erlang-questions] Unexpected tls_alert "handshake failure" connecting to api.bitbucket.org (and others) with Erlang 18.3.4 (and later)

Jake Gordon jakesgordon@REDACTED
Sun Nov 6 22:53:51 CET 2016

Hi All.

I'm hoping to get some insight into a problem with ssl:connect (and
ultimately httpc:request) getting tls handshake errors connecting to some
(but not all) webservers even while other clients on the same machine
(cURL, Ruby Net::HTTP, etc) can connect just fine.

I'm using Erlang 19.1.3, but this issue appears to have started with 18.3.4
(earlier versions appear to work correctly)

I'm trying to connect to a (correctly configured) public endpoint at

  > ssl:connect('api.bitbucket.org', 443, []).
  {error,{tls_alert,"handshake failure"}}

If I attempt to connect to a different endpoint, lets say api.github.com it
works just fine.

  > ssl:connect('api.github.com', 443, [])
  {ok,{sslsocket, ... }}

Since it's only *some* SSL endpoints, clearly there is some server side
certificate configuration causing the erlang client to behave differently
during the handshake, but I'm not sure how to diagnose this when cURL and
other language clients work correctly.

I'm using a clean install of the esl-erlang packages provided by Erlang
Solutions on Ubuntu 16.04 and debugging with older versions it looks like
it broke somewhere around 18.3.4

Any insights would be greatly appreciated!

- Jake
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20161106/31fc019a/attachment.htm>

More information about the erlang-questions mailing list