<div dir="ltr"><div>I realized it's just attempting to download rebar, so I just put it in the project folder myself and it doesn't complain anymore. Still that's a workaround, there is some issue. Will report it to zotonic guys.<br></div>Thank you,<br>Ivan<br></div><div class="gmail_extra"><br><div class="gmail_quote">2014-09-19 14:50 GMT+02:00 Ben Murphy <span dir="ltr"><<a href="mailto:benmmurphy@gmail.com" target="_blank">benmmurphy@gmail.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">I think it is because it sends an empty server_name extension and otp<br>
cannot handle it.<br>
<br>
A server that receives a client hello containing the "server_name"<br>
extension MAY use the information contained in the extension to guide<br>
its selection of an appropriate certificate to return to the client,<br>
and/or other aspects of security policy. In this event, the server<br>
SHALL include an extension of type "server_name" in the (extended)<br>
server hello. The "extension_data" field of this extension SHALL be<br>
empty.<br>
<div><div class="h5"><br>
<br>
<br>
On Fri, Sep 19, 2014 at 10:00 AM, Iván Martínez<br>
<<a href="mailto:ivan.martinez@iberlang.com">ivan.martinez@iberlang.com</a>> wrote:<br>
> Hello all,<br>
> I just hired a CentOS 7 server that came with very little software<br>
> installed. I installed Erlang 17.3 from sources, attached is output of the<br>
> configure step. Now I'm trying to install zotonic but it fails when trying<br>
> to do a SSL handshake with github, see below:<br>
><br>
> [ivan@strasbourg1 zotonic]$ make<br>
> erl -noshell -s inets -s ssl \<br>
> -eval '{ok, saved_to_file} = httpc:request(get,<br>
> {"<a href="https://github.com/rebar/rebar/wiki/rebar" target="_blank">https://github.com/rebar/rebar/wiki/rebar</a>", []}, [], [{stream,<br>
> "./rebar"}])' \<br>
> -s init stop<br>
> {"init terminating in<br>
> do_boot",{{badmatch,{error,{failed_connect,[{to_address,{"<a href="http://github.com" target="_blank">github.com</a>",443}},{inet,[inet],{eoptions,{{{badmatch,<<0<br>
> bytes>>},[{ssl_handshake,dec_hello_extensions,2,[{file,"ssl_handshake.erl"},{line,1737}]},{ssl_handshake,decode_handshake,3,[{file,"ssl_handshake.erl"},{line,926}]},{tls_handshake,get_tls_handshake_aux,3,[{file,"tls_handshake.erl"},{line,155}]},{tls_connection,next_state,4,[{file,"tls_connection.erl"},{line,433}]},{gen_fsm,handle_msg,7,[{file,"gen_fsm.erl"},{line,503}]},{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},{line,237}]}]},{gen_fsm,sync_send_all_state_event,[<0.54.0>,{start,infinity},infinity]}}}}]}}},[{erl_eval,expr,3,[]}]}}<br>
><br>
> Crash dump was written to: erl_crash.dump<br>
> init terminating in do_boot ()<br>
> make: *** [rebar] Error 1<br>
><br>
> I tried to do the handshake with openssl and apparently it works:<br>
><br>
> [ivan@strasbourg1 zotonic]$ openssl s_client -host <a href="http://github.com" target="_blank">github.com</a> -port 443<br>
> CONNECTED(00000003)<br>
> depth=2 C = US, O = DigiCert Inc, OU = <a href="http://www.digicert.com" target="_blank">www.digicert.com</a>, CN = DigiCert High<br>
> Assurance EV Root CA<br>
> verify return:1<br>
> depth=1 C = US, O = DigiCert Inc, OU = <a href="http://www.digicert.com" target="_blank">www.digicert.com</a>, CN = DigiCert SHA2<br>
> Extended Validation Server CA<br>
> verify return:1<br>
> depth=0 businessCategory = Private Organization, 1.3.6.1.4.1.311.60.2.1.3 =<br>
> US, 1.3.6.1.4.1.311.60.2.1.2 = Delaware, serialNumber = 5157550, street =<br>
> 548 4th Street, postalCode = 94107, C = US, ST = California, L = San<br>
> Francisco, O = "GitHub, Inc.", CN = <a href="http://github.com" target="_blank">github.com</a><br>
> verify return:1<br>
> ---<br>
> Certificate chain<br>
> 0 s:/businessCategory=Private<br>
> Organization/1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Delaware/serialNumber=5157550/street=548<br>
> 4th Street/postalCode=94107/C=US/ST=California/L=San Francisco/O=GitHub,<br>
> Inc./CN=<a href="http://github.com" target="_blank">github.com</a><br>
> i:/C=US/O=DigiCert Inc/OU=<a href="http://www.digicert.com/CN=DigiCert" target="_blank">www.digicert.com/CN=DigiCert</a> SHA2 Extended<br>
> Validation Server CA<br>
> 1 s:/C=US/O=DigiCert Inc/OU=<a href="http://www.digicert.com/CN=DigiCert" target="_blank">www.digicert.com/CN=DigiCert</a> SHA2 Extended<br>
> Validation Server CA<br>
> i:/C=US/O=DigiCert Inc/OU=<a href="http://www.digicert.com/CN=DigiCert" target="_blank">www.digicert.com/CN=DigiCert</a> High Assurance EV<br>
> Root CA<br>
> ---<br>
> Server certificate<br>
> -----BEGIN CERTIFICATE-----<br>
> MIIF4DCCBMigAwIBAgIQDACTENIG2+M3VTWAEY3chzANBgkqhkiG9w0BAQsFADB1<br>
> ...<br>
> XX4C2NesiZcLYbc2n7B9O+63M2k=<br>
> -----END CERTIFICATE-----<br>
> subject=/businessCategory=Private<br>
> Organization/1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Delaware/serialNumber=5157550/street=548<br>
> 4th Street/postalCode=94107/C=US/ST=California/L=San Francisco/O=GitHub,<br>
> Inc./CN=<a href="http://github.com" target="_blank">github.com</a><br>
> issuer=/C=US/O=DigiCert Inc/OU=<a href="http://www.digicert.com/CN=DigiCert" target="_blank">www.digicert.com/CN=DigiCert</a> SHA2 Extended<br>
> Validation Server CA<br>
> ---<br>
> No client certificate CA names sent<br>
> Server Temp Key: ECDH, prime256v1, 256 bits<br>
> ---<br>
> SSL handshake has read 3233 bytes and written 375 bytes<br>
> ---<br>
> New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256<br>
> Server public key is 2048 bit<br>
> Secure Renegotiation IS supported<br>
> Compression: NONE<br>
> Expansion: NONE<br>
> SSL-Session:<br>
> Protocol : TLSv1.2<br>
> Cipher : ECDHE-RSA-AES128-GCM-SHA256<br>
> Session-ID:<br>
> DDEF6E78852287351EC5B20FFDD2578F8996E7226CB883A5F1A94325048B79C6<br>
> Session-ID-ctx:<br>
> Master-Key:<br>
> D6C6283F463BFCD5A160E0CCE0CC8962CF944E5C98153040E4BC20466981B1622A5327C1E6BBED5F1751A049782908E5<br>
> Key-Arg : None<br>
> Krb5 Principal: None<br>
> PSK identity: None<br>
> PSK identity hint: None<br>
> Start Time: 1411113552<br>
> Timeout : 300 (sec)<br>
> Verify return code: 0 (ok)<br>
> ---<br>
> closed<br>
><br>
> What can be wrong?. Thank you.<br>
> Ivan<br>
><br>
</div></div>> _______________________________________________<br>
> erlang-questions mailing list<br>
> <a href="mailto:erlang-questions@erlang.org">erlang-questions@erlang.org</a><br>
> <a href="http://erlang.org/mailman/listinfo/erlang-questions" target="_blank">http://erlang.org/mailman/listinfo/erlang-questions</a><br>
><br>
</blockquote></div><br></div>