[erlang-questions] SSL issues with Firefox 51.0.1 and Chrome 56.0.2924.87

Lucas Persson Lucas.Persson@REDACTED
Wed Mar 1 10:39:59 CET 2017


I do have the same issue with FF and Chrome as and I did upgrade Erlang to 18 so that 
ssl_cipher:hash_algorithm(8) returns unassigned.

But still the browser can not connect properly since it says it got an "net::ERR_INSECURE_RESPONSE"

Checking the RFC for TLS1.2 then there isn't any hash_algorithm with value 8. Only 0-6 and 256 are valid values.

What change in FF and Chrome made them send value 8? That was not the case in FF 50 and Chrome 55.

The only "big change" in those browsers are that they do not trust any cert signed with SHA-1. 

The only log I get on the server side is:
2017-03-01T10:38:55.259 [error] [<0.434.0>|undefined] unknown_module: Ranch listener receiver_https had connection process started with cowboy_protocol:start_link/4 at <0.984.0> exit with reason: {closed,[{ranch_ssl,accept_ack,2,[{file,"src/ranch_ssl.erl"},{line,115}]},{cowboy_protocol,init,4,[{file,"src/cowboy_protocol.erl"},{line,91}]}]}

2017-03-01T10:38:55.259 [error] [emulator|undefined] unknown_module: Error in process <0.984.0> on node cepheid@REDACTED with exit value:


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3587 bytes
Desc: not available
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20170301/1268bfdd/attachment.bin>

More information about the erlang-questions mailing list