[erlang-questions] Cowboy SSL issues with Chrome/FF

Ingela Andin ingela.andin@REDACTED
Fri Jan 10 09:52:28 CET 2014


This is problem is resolved in the latest version of the ssl application.
The reason it works with some browser and not with others is that some
browsers does not correctly ignore unknown ssl hello extensions, and the
erlang ssl application sent an incorrect extension (which of course it
should not) but a correct SSL/TLS implementation will ignored it!
1.1  SSL 5.3.2 Fixed Bugs and Malfunctions


   Honors the clients advertised support of elliptic curves and no longer
   sends incorrect elliptic curve extension in server hello.

   Own Id: OTP-11370

Regards Ingela Erlang/OTP team - Ericsson AB

2014/1/9 James Lyons <james.penguins@REDACTED>

> Using certificates from StartSSL and GoGetSSL, cowboy site fails to load
> on Chrome v31 with "ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED" on mac & ubuntu
> and FF v26 with "Error code: sec_error_invalid_key" on mac and ubuntu.
> Site will load in Safari properly and certificate shows as valid.
> Anyone seen this behavior before?
> Thanks!
> --
> James Lyons
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20140110/654cd0fd/attachment.htm>

More information about the erlang-questions mailing list