[erlang-questions] ssl:peercert returns no_peercert on server, but works on client
Ingela Andin
ingela.andin@REDACTED
Fri Nov 23 10:25:39 CET 2012
Hello again!
I hit the send button by accident before I was finished ...
[..]
> Why do you not validate the certificate in the veryify_fun as part of
> the path_validation?
> And why do you specify a verify_fun that accepts all standard
> certificates path errors
> that is not very safe!
>
> fun(_,{bad_cert, _} = Reason, _) ->
> {fail, Reason};
> (_,{extension, _}, UserState) ->
> {unknown, UserState};
> (_, valid, UserState) ->
> {valid, UserState};
> (PeerCert, valid_peer, UserState) ->
%% Here you can do verifications of the peer cert
> {valid, UserState}
> end, []}
Regards Ingela Erlang/OTP team - Ericsson AB
More information about the erlang-questions
mailing list