[erlang-questions] SSL certificate's subject too long
Ingela Andin
ingela.andin@REDACTED
Wed Jun 27 09:59:15 CEST 2012
Hi!
2012/6/27, Loïc Hoguin <essen@REDACTED>:
> On 06/25/2012 10:27 PM, Ingela Andin wrote:
>> Hi!
>>
>> 2012/6/25 Loďc Hoguin <essen@REDACTED>:
>>> Hey,
>>>
>>> I'm running into the exact issue described here:
>>> http://www.mentby.com/Group/rabbitmq-discuss/ssl-certificate-error.html
>>>
>>> The certificate I have has a too long Subject line and Erlang just fails
>>> when trying to load it. This is a RapidSSL certificate, with a CA. Not
>>> sure
>>> I can just modify the subject directly while keeping it valid (don't
>>> know
>>> how anyway).
>>>
>>> Does anyone know how I could manage to use this certificate? If I need
>>> to
>>> patch OTP, any pointers as to where this fails is more than welcome.
>>>
>>> Thanks.
>>>
>>
>> The ecertfile is a backwards compatibility error code that you will
>> get if ssl has a problem reading the certfile.
>> It could be a file-error or a file-format error, or a bug in OTP
>> application public_key. So if you want to pinpoint the error you can
>> do:
>> {ok, PemBin} = file:read_file("Cert.pem").
>> PemEntries = public_key:pem_decode(Pembin).
>> public_key:pem_entry_decode(hd(PemEntries)).
>
> Getting {'RSAPrivateKey','two-prime', ...
>
> All entries decode fine too.
>
> What next?
All entries, is there more than one certificate entry?
You can try tracing? (Use observer if you are not comfortable using
dbg-module directly)
Regards Ingela Erlang/OTP team - Ericsson AB
More information about the erlang-questions
mailing list