[erlang-questions] SSL Out of Order Cert Chain Question (9.2)
Curtis J Schofield
curtis@REDACTED
Fri Oct 18 21:52:33 CEST 2019
Dear Erlang Questions:
SSL 9.0.2 mentions a patch to fix out of order cert chains
In SSL 9.2 we have a root CA and an out of order cert chain
for host hooks.glip.com.
When we try to verify peer with the out of order cert
chain we get 'Unknown CA'.
Is this expected behaviour for Erlang SSL 9.2 with verify_peer ?
The http://erlang.org/doc/apps/ssl/notes.html#ssl-9.0.2 notes
mention that other care may need to be taken to ensure compatibility.
Reproduce error:
https://github.com/robotarmy/out-of-order-ssl
Thank you,
Curtis and Team DevEco
Sent through ProtonMail Encrypted Email Channel.
More information about the erlang-questions
mailing list