[erlang-questions] SSL: "unknown ca"
PAILLEAU Eric
eric.pailleau@REDACTED
Fri Jan 30 23:00:27 CET 2015
>
> my 'cacertfile' (as given to the 'ssl' application) contains one and
> only one certificate which is self-signed.
>
If it is self-signed, it is a root CA cert. (issuer=subject)
Depending X509 version, you may also have an attribute CA=true or
CA=false (version = 3 if I remember).
openssl x509 printing may help you.
For SSL you must have some KeyUsages :
serverAuth SSL/TLS Web Server Authentication.
clientAuth SSL/TLS Web Client Authentication.
Regards
More information about the erlang-questions
mailing list