[erlang-questions] Enabling SSL CRL revocation validation for secure URLS in Erlang

Ingela Andin ingela.andin@REDACTED
Thu Jun 7 09:31:11 CEST 2018


If you expect CRL validation to work smooth please upgrade your Erlang/OTP
version.  We will consider extending the user guide. For now you can always
look at the test suites.

Regards Ingela Erlang/OTP team - Ericsson AB

2018-05-30 11:04 GMT+02:00 Soumya Shankar Sardar <

> Hi ,
> Need some help on SSL CRL revocation validation enabled for HTTPS in
> Erlang code.
> 1) using httpc.requests to access the secure URL.
> 2) In the SSL options, we have made {verify:verify_peer} and
> {crl_check:peer}.
> 3) Also we have added the CRL file in local cache by
> ssl_crl_cache:insert(file). CRL file is downloaded from CDP via http.
> Questions
> 1) With above setup the CRL validation not failing for revoked URL. Any
> idea if the approach is wrong. we followed the erlang.org docs.
> 2) Also how we can extend this when there is a CDP[CRL distribution point]
> to get the dynamic CRL file.
> 3) And how to do above with CDP URL embedded in Server hello message in
> the SSL negotiation.
> It will be great to see a sample code with CRL validation in Erlang for
> SSL HTTP access. We are using Erlang/OTP 18.1.
> All comments are welcome :)
> Regards
> Soumya
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20180607/b13cd416/attachment.htm>

More information about the erlang-questions mailing list