Erlang distribution over TLS hostname_check_failed

Oleg Tarasenko oltarasenko@REDACTED
Mon Aug 24 20:09:32 CEST 2020

Hey people,

I am getting the error {:bad_cert, :hostname_check_failed} when trying to
set up a cluster with different hostnames (I am running a docker network
with my own DNS which allows me to have names like, etc).

My certificates are self-signed and are generated with help of:
My configuration is simple and looks like this:

    {keyfile, "/Users/olegtarasenko/tls-gen/basic/result/server_key.pem"},
    {verify, verify_peer},
   {secure_renegotiate, true}]},
   {keyfile, "/Users/olegtarasenko/tls-gen/basic/result/client_key.pem"},
   {verify, verify_peer},
   {secure_renegotiate, true}]}].

This setup works one localhost. When my certificate has CN= In
this case, I can have nodes defined like app@REDACTED, app2@REDACTED, etc.

However, when I am on docker things are different. Now we have hostnames,
which looks real. And in this case, I need to understand how to define the
hostname in the certificate.

E.g. the config above suggests that I have a client and a server. However
what if I have 3 or 5 nodes? How do I provide valid certificates for each
of them? E.g. as I understand the hostname check will not allow me to reuse
the same config?

Finally, I am trying to supply CN as * however, checks are still
failing. Could someone advise a solution?

Best regards,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the erlang-questions mailing list