<div dir="ltr"><div>Thanks. This works:</div><div><br></div><div>Url = "<a href="https://content.googleapis.com/youtube/v3/videos">https://content.googleapis.com/youtube/v3/videos</a>",</div>httpc:request(get,<br>    {Url, []},<br>    [{ssl, [<br>        {verify, verify_peer},<br>        {cacertfile, "/etc/ssl/certs/ca-certificates.crt"},<br>        {depth, 3},<br>        {customize_hostname_check, [<br>            {match_fun, public_key:pkix_verify_hostname_match_fun(https)}<br>        ]}]}<br>    ],<br><div>    []).</div><div><br></div><div>Shouldn't we have easy to use defaults?<br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Sep 10, 2021 at 5:26 PM Bram Verburg <<a href="mailto:bram.verburg@voltone.net">bram.verburg@voltone.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div>This should help you get going making HTTPS requests using httpc:<div><a href="https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/ssl" target="_blank"><u></u><u></u>https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/ssl</a><br><div id="gmail-m_-3411069748775948505protonmail_mobile_signature_block"><br></div> <div><br></div><div><br></div>On Fri, Sep 10, 2021 at 17:17, pablo platt <<a href="mailto:pablo.platt@gmail.com" target="_blank">pablo.platt@gmail.com</a>> wrote:<blockquote type="cite">  <div dir="ltr"><div>Hi,</div><div><br></div><div>When I'm sending a request to <a href="http://content.googleapis.com" target="_blank">content.googleapis.com</a> without the verify ssl option I'm getting a warning:<br></div><div>Url = "<a href="https://content.googleapis.com/youtube/v3/videos" target="_blank">https://content.googleapis.com/youtube/v3/videos</a>",<br>httpc:request(get,<br>    {Url, []},<br>    [],<br>    []).</div><div><br></div><div>Description: "Authenticity is not established by certificate path validation"<br>     Reason: "Option {verify, verify_peer} and cacertfile/cacerts is missing"</div><div><br></div><div>When I'm adding the verify_peer option I'm getting an error:<br></div><div>Url = "<a href="https://content.googleapis.com/youtube/v3/videos" target="_blank">https://content.googleapis.com/youtube/v3/videos</a>",<br>httpc:request(get,<br>    {Url, []},<br>    [{ssl, [{verify, verify_peer}]}],<br>    []).</div><div><br></div><div>{error,{failed_connect,[{to_address,{"<a href="http://content.googleapis.com" target="_blank">content.googleapis.com</a>",<br>                                     443}},<br>                        {inet,[inet],{options,{cacertfile,[]}}}]}}</div><div><br></div><div>What is the correct way to send the request?</div><div><br></div><div>Thanks<br></div></div>
</blockquote><div><br></div><div><br></div></div></div></blockquote></div>