[erlang-questions] Inets and SSL

[Steve Davis]

Hi,

I'm having difficulty getting ssl to work with inets httpd, and would be 
very grateful for input/help on this one!

The server starts fine, returns a pid. The port (443) is definitely open 
and listening according to the OS net stats. However, a connection from 
a browser just hangs with "connecting" (TIME_WAIT). It all just stays 
that way unless I stop inets in which case the browser will immediately 
report "page not available".

Everything works fine for standard ip_comm. Also, if I move the pem 
files, then inets won't start (so I'm sure it can "see" them). Also 
these same cert/key pem files work fine if they are used for ssl with 
Nginx, so I'm sure they are not corrupt. Finally, it seems to make no 
difference at all if I have the "actual" erlang ssl application started 
or not.

Here's the bare bones startup in which I've been trying all variants I 
can think of (including ssl's keyfile, certfile, 
ssl_ca_certificate_file, etc etc).

start_ssl() ->
     inets:start(),
     {ok, Pid} = inets:start(httpd, [
         {port, 443},
         {server_name,"localhost"},
         {server_root,"./tmp"},
         {document_root,"./tmp/htdocs"},
         {bind_address, "localhost"},
         {socket_type, ssl},
         {ssl_verify_client, 0},
         {ssl_certificate_file, "../ssl/cacert.pem"},
         {ssl_certificate_key_file, "../ssl/cakey.pem"},
         {modules, [my_mod, mod_head, mod_get]},
         {mimetypes, [
             {"css", "text/css"},
             {"js", "text/javascript"},
             {"html", "text/html"}
         ]}
     ]),
     Pid.

I'm probably doing something dumb, so any observations would be very 
much appreciated!

/s