[erlang-questions] ssl: Bad Certficate using file generated using mkcert.org
Mon Apr 2 18:09:24 CEST 2018
On Mon, Apr 02, 2018 at 10:11:17AM +0200, Benoit Chesneau wrote:
> It seems according ssllabs there is a problem with the chain: "Incorrect
> order, Contains anchor" which is probably the root issue:
> I'm now wondering if there is any possibility to fix it in recent Erlang
> versions. Did anyone already encounter such issue?
I believe you can supply a custom verify_fun to the ssl application that
can, sometimes, let you fix some of these issues. You might be able to
handle the bad_cert case and fix up the ordering and verify it by hand.
There's some old code I wrote that uses this to do something similar
(except with CRLs) here:
More information about the erlang-questions