Erlang OTP 23.0-rc1 is available for testing
Max Lapshin
max.lapshin@REDACTED
Sun Mar 1 09:55:22 CET 2020
got it.
Looks that it is very hard to make "good-for-all" default SSL configuration.
On Sat, Feb 29, 2020 at 5:28 PM Bram Verburg <bram.verburg@REDACTED>
wrote:
> This is due to the fact that OTP 23 supports x25519/x448 in ECDH key
> exchange for TLS 1.3, but not TLS 1.2. I believe it will be fixed in the
> next RC. For now you can either disable TLS 1.3 or pass `{supported_groups,
> [secp256r1, secp384r1]}`.
>
> On Sat, 29 Feb 2020 at 03:48, Max Lapshin <max.lapshin@REDACTED> wrote:
>
>> Something with default cipher configuration?
>>
>> $ erl
>> Erlang/OTP 23 [RELEASE CANDIDATE 1] [erts-11.0] [source] [64-bit]
>> [smp:8:8] [ds:8:8:10] [async-threads:1] [hipe] [dtrace]
>>
>> Eshell V11.0 (abort with ^G)
>> 1> application:ensure_all_started(inets).
>> {ok,[inets]}
>> 4> application:ensure_all_started(ssl).
>>
>> {ok,[crypto,asn1,public_key,ssl]}
>> 5> httpc:request(get, {"https://repo.hex.pm/",[]}, [], [{body_format,
>> binary}]).
>> =NOTICE REPORT==== 29-Feb-2020::04:47:26.729009 ===
>> TLS client: In state certify at tls_connection.erl:1281 generated CLIENT
>> ALERT: Fatal - Handshake Failure
>> - malformed_handshake_data
>> {error,{failed_connect,[{to_address,{"repo.hex.pm",443}},
>> {inet,[inet],
>> {tls_alert,{handshake_failure,"TLS client:
>> In state certify at tls_connection.erl:1281 generated CLIENT ALERT: Fatal -
>> Handshake Failure\n malformed_handshake_data"}}}]}}
>>
>> ?
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20200301/ca6a5ed0/attachment.htm>
More information about the erlang-questions
mailing list