[erlang-questions] SSL doesn't like my private key with password

Attila Rajmund Nohl attila.r.nohl@REDACTED
Wed Jul 25 17:49:21 CEST 2018


Hello!

I'm trying to start an SSL server with a key I got (i.e. I don't know
exactly how it was configured) that has a password. The password is OK
because I can start a server using these keys, certificates and
password using openssl. This is how I'm trying (it's OTP 19):

2> {ok, LS} = ssl:listen(12345, [{password, "password"}, {keyfile,
"node.key.pem"}, {certfile, "node.cert.pem"}, {cacertfile,
"ca-chain.cert.pem"}]).
{ok,{sslsocket,nil,...
3> {ok, TS} = ssl:transport_accept(LS).
{ok,{sslsocket,...

Then I connect to the socket using openssl s_client, then want to
accept the connection on the Erlang side:

4> ssl:ssl_accept(TS).
{error,{keyfile,function_clause}}

I guess it shouldn't happen. I found a question at stackoverflow with
similar contents:
https://stackoverflow.com/questions/50813212/erlang-ssl-password-option-for-private-key
and also a similar problem with RabbitMQ:
https://groups.google.com/forum/#!topic/rabbitmq-users/dW3Lz6omyfw

Is there a solution (other than using a different SSL private key or
upgrade to a newer OTP)?



More information about the erlang-questions mailing list