<div dir="ltr">Hi!<br><div><br>This I suspect is because of of ssl in OTP 18 no longer supports legacy insecure ciphers and SSL/TLS versions by default. If needed<br></div><div>for interoperability they can still be configured.<br></div><div><div class="gmail_extra"><br></div><div class="gmail_extra">From the release notes:<br></div><div class="gmail_extra"><p>
"Remove default support for SSL-3.0, due to Poodle
vunrability in protocol specification.</p>
<p>
Add padding check for TLS-1.0 to remove Poodle
vunrability from TLS 1.0, also add the option
padding_check. This option only affects TLS-1.0
connections and if set to false it disables the block
cipher padding check to be able to interoperate with
legacy software.</p>
<p>
Remove default support for RC4 cipher suites, as they are
consider too weak."</p><br><div class="gmail_quote">2015-09-01 18:44 GMT+02:00 Roberto Ostinelli <span dir="ltr"><<a href="mailto:roberto@widetag.com" target="_blank">roberto@widetag.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Dear all,<div>I'm using SSL with Cowboy and I keep on getting these kind of errors in the logs:</div><div><br></div><div><div><font face="monospace, monospace">SSL: hello: tls_handshake.erl:167:Fatal error: insufficient security</font></div></div></div></blockquote><div><br></div><div>Could not find any common algorithms<br></div><div><br> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><font face="monospace, monospace">SSL: hello: tls_handshake.erl:174:Fatal error: protocol version<br></font></div></div></blockquote><div><br></div><div>No accetable TLS protocol version<br></div><div><br> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><font face="monospace, monospace"></font></div><div><font face="monospace, monospace">SSL: certify: ssl_alert.erl:93:Fatal error: bad certificate<br></font></div><div><font face="monospace, monospace">SSL: hello: tls_handshake.erl:118:Fatal error: inappropriate fallback<br></font></div></div></blockquote><div><br></div><div>Prevention of Poodle<br></div><div><br> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div><font face="monospace, monospace"></font></div><div><font face="monospace, monospace">SSL: cipher: ssl_cipher.erl:292:Fatal error: bad record mac</font><br></div><div><br></div><div>I've started seeing those after I've upgraded to Erlang 18.0.2. This wasn't happening in 17.5.</div><div><br></div><div>Has anyone seen this, and has clues for me to pinpoint what the problem is?</div><div>Also, is there anyway for me to recover the originating IP address?</div><div><br></div><div>Any help appreciated.</div><br></div></blockquote></div><br></div><div class="gmail_extra">Regards Ingela Erlang/OTP team - Ericsson AB<br></div><div class="gmail_extra"><br><br></div></div></div>