<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">OTP 17 and OTP 17.4<div class=""><br class=""></div><div class="">I solved it by passing {depth,2} option, but it still seems strange to me that <a href="http://google.com" class="">google.com</a> requires that option also and error message is incoherent an unrelated to the certificate check error.</div><div class=""><br class=""></div><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">3 марта 2015 г., в 14:32, Lukas Winkler <<a href="mailto:winklerlukas@gmail.com" class="">winklerlukas@gmail.com</a>> написал(а):</div><br class="Apple-interchange-newline"><div class="">what erlang version are you running on?<br class=""><br class="">On 2 March 2015 at 21:46, Alex Hudich <<a href="mailto:alttagil@gmail.com" class="">alttagil@gmail.com</a>> wrote:<br class=""><blockquote type="cite" class="">Hi<br class=""><br class="">I’ve got some strange errors when I try to make SSL connection to a web-site with peer verification on.<br class=""><br class="">Here’s an example:<br class=""><br class="">I’ve downloaded PEM certificates from <a href="https://raw.githubusercontent.com/bagder/ca-bundle/master/ca-bundle.crt" class="">https://raw.githubusercontent.com/bagder/ca-bundle/master/ca-bundle.crt</a><br class=""><br class="">Then I start erl and run a command ssl:start().<br class=""><br class="">Then I try to connect somewhere (I renamed ca-bundle.crt file to a cacert.pem):<br class=""><br class="">2> ssl:connect( "<a href="http://t.ileads.ru" class="">t.ileads.ru</a>", 443, [{verify,verify_peer},{cacertfile,"cacert.pem"}]).<br class=""><br class="">=ERROR REPORT==== 2-Mar-2015::23:32:15 ===<br class="">SSL: certify: ssl_handshake.erl:1403:Fatal error: handshake failure<br class="">{error,{tls_alert,"handshake failure"}}<br class=""><br class=""><br class="">Without peer verification everything went ok.<br class=""><br class="">What’s wrong? Or maybe I do something wrong?<br class=""><br class="">--<br class="">cul8er, Alex.<br class="">_______________________________________________<br class="">erlang-questions mailing list<br class=""><a href="mailto:erlang-questions@erlang.org" class="">erlang-questions@erlang.org</a><br class="">http://erlang.org/mailman/listinfo/erlang-questions<br class=""></blockquote></div></blockquote></div><br class=""></div></body></html>