[erlang-questions] Enabling SSL CRL revocation validation for secure URLS in Erlang
Ingela Andin
ingela.andin@REDACTED
Thu Jun 7 09:31:11 CEST 2018
Hi!
If you expect CRL validation to work smooth please upgrade your Erlang/OTP
version. We will consider extending the user guide. For now you can always
look at the test suites.
Regards Ingela Erlang/OTP team - Ericsson AB
2018-05-30 11:04 GMT+02:00 Soumya Shankar Sardar <
soumya.shankar.sardar@REDACTED>:
> Hi ,
>
> Need some help on SSL CRL revocation validation enabled for HTTPS in
> Erlang code.
>
> 1) using httpc.requests to access the secure URL.
> 2) In the SSL options, we have made {verify:verify_peer} and
> {crl_check:peer}.
> 3) Also we have added the CRL file in local cache by
> ssl_crl_cache:insert(file). CRL file is downloaded from CDP via http.
>
> Questions
> 1) With above setup the CRL validation not failing for revoked URL. Any
> idea if the approach is wrong. we followed the erlang.org docs.
> 2) Also how we can extend this when there is a CDP[CRL distribution point]
> to get the dynamic CRL file.
> 3) And how to do above with CDP URL embedded in Server hello message in
> the SSL negotiation.
>
> It will be great to see a sample code with CRL validation in Erlang for
> SSL HTTP access. We are using Erlang/OTP 18.1.
>
> All comments are welcome :)
>
>
>
> Regards
>
> Soumya
>
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20180607/b13cd416/attachment.htm>
More information about the erlang-questions
mailing list