1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML>
<HEAD>
<TITLE> [99s-extend] ssl_hello_world
</TITLE>
<LINK REL="Index" HREF="index.html" >
<LINK REL="made" HREF="mailto:extend%40lists.ninenines.eu?Subject=Re%3A%20%5B99s-extend%5D%20ssl_hello_world&In-Reply-To=%3C5347D8C7.8020906%40ninenines.eu%3E">
<META NAME="robots" CONTENT="index,nofollow">
<style type="text/css">
pre {
white-space: pre-wrap; /* css-2.1, curent FF, Opera, Safari */
}
</style>
<META http-equiv="Content-Type" content="text/html; charset=us-ascii">
<LINK REL="Previous" HREF="000370.html">
<LINK REL="Next" HREF="000372.html">
</HEAD>
<BODY BGCOLOR="#ffffff">
<H1>[99s-extend] ssl_hello_world</H1>
<B>Loïc Hoguin</B>
<A HREF="mailto:extend%40lists.ninenines.eu?Subject=Re%3A%20%5B99s-extend%5D%20ssl_hello_world&In-Reply-To=%3C5347D8C7.8020906%40ninenines.eu%3E"
TITLE="[99s-extend] ssl_hello_world">essen at ninenines.eu
</A><BR>
<I>Fri Apr 11 13:57:59 CEST 2014</I>
<P><UL>
<LI>Previous message: <A HREF="000370.html">[99s-extend] ssl_hello_world
</A></li>
<LI>Next message: <A HREF="000372.html">[99s-extend] ssl
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#371">[ date ]</a>
<a href="thread.html#371">[ thread ]</a>
<a href="subject.html#371">[ subject ]</a>
<a href="author.html#371">[ author ]</a>
</LI>
</UL>
<HR>
<!--beginarticle-->
<PRE>It's tested on ArchLinux from R15B01 to master so that's unrelated to
the Erlang version.
On 04/11/2014 01:48 PM, Samir Sow wrote:
><i> Thx.
</I>><i>
</I>><i> On which OS + Erlang version is the server running ?
</I>><i>
</I>><i> Samir
</I>><i> On 11 avr. 2014, at 13:41, Loïc Hoguin <<A HREF="https://lists.ninenines.eu/listinfo/extend">essen at ninenines.eu</A>> wrote:
</I>><i>
</I>>><i> This is the successful output I get. You should try to see why yours is different, perhaps someone somewhere ran into the same issue at some point. Note that the --cacert option isn't needed and basically makes no difference.
</I>>><i>
</I>>><i>
</I>>><i> % curl -ikvv <A HREF="https://localhost:8443">https://localhost:8443</A>
</I>>><i> * Rebuilt URL to: <A HREF="https://localhost:8443/">https://localhost:8443/</A>
</I>>><i> * Hostname was NOT found in DNS cache
</I>>><i> * Trying 127.0.0.1...
</I>>><i> * Connected to localhost (127.0.0.1) port 8443 (#0)
</I>>><i> * successfully set certificate verify locations:
</I>>><i> * CAfile: /etc/ssl/certs/ca-certificates.crt
</I>>><i> CApath: none
</I>>><i> * SSLv3, TLS handshake, Client hello (1):
</I>>><i> * SSLv3, TLS handshake, Server hello (2):
</I>>><i> * SSLv3, TLS handshake, CERT (11):
</I>>><i> * SSLv3, TLS handshake, Server key exchange (12):
</I>>><i> * SSLv3, TLS handshake, Server finished (14):
</I>>><i> * SSLv3, TLS handshake, Client key exchange (16):
</I>>><i> * SSLv3, TLS change cipher, Client hello (1):
</I>>><i> * SSLv3, TLS handshake, Finished (20):
</I>>><i> * SSLv3, TLS change cipher, Client hello (1):
</I>>><i> * SSLv3, TLS handshake, Finished (20):
</I>>><i> * SSL connection using ECDHE-RSA-AES256-SHA384
</I>>><i> * Server certificate:
</I>>><i> * subject: C=US; ST=Texas; O=Nine Nines; OU=Cowboy; CN=localhost
</I>>><i> * start date: 2013-02-28 05:23:34 GMT
</I>>><i> * expire date: 2033-02-23 05:23:34 GMT
</I>>><i> * issuer: C=US; ST=Texas; O=Nine Nines; OU=Cowboy; CN=ROOT CA
</I>>><i> * SSL certificate verify result: self signed certificate in certificate chain (19), continuing anyway.
</I>>>><i> GET / HTTP/1.1
</I>>>><i> User-Agent: curl/7.35.0
</I>>>><i> Host: localhost:8443
</I>>>><i> Accept: */*
</I>>>><i>
</I>>><i> < HTTP/1.1 200 OK
</I>>><i> HTTP/1.1 200 OK
</I>>><i> < connection: keep-alive
</I>>><i> connection: keep-alive
</I>>><i> * Server Cowboy is not blacklisted
</I>>><i> < server: Cowboy
</I>>><i> server: Cowboy
</I>>><i> < date: Fri, 11 Apr 2014 11:30:03 GMT
</I>>><i> date: Fri, 11 Apr 2014 11:30:03 GMT
</I>>><i> < content-length: 12
</I>>><i> content-length: 12
</I>>><i> < content-type: text/plain
</I>>><i> content-type: text/plain
</I>>><i>
</I>>><i> <
</I>>><i>
</I>>><i>
</I>>><i> On 04/11/2014 01:25 PM, Samir Sow wrote:
</I>>>><i> Thx.
</I>>>><i>
</I>>>><i> Same error …
</I>>>><i> Openssl s_client does not work either.
</I>>>><i> the server does not answer to ClientHello …
</I>>>><i>
</I>>>><i> Samir
</I>>>><i>
</I>>>><i> On 11 avr. 2014, at 13:18, Loïc Hoguin <<A HREF="https://lists.ninenines.eu/listinfo/extend">essen at ninenines.eu</A>> wrote:
</I>>>><i>
</I>>>>><i> The certificate in the SSL example is self-generated, try curl with the --insecure option.
</I>>>>><i>
</I>>>>><i> On 04/11/2014 12:39 PM, Samir Sow wrote:
</I>>>>>><i> Hi,
</I>>>>>><i>
</I>>>>>><i> Still struggling to make ssl work.
</I>>>>>><i>
</I>>>>>><i> I downloaded the example ssl_hello_world.
</I>>>>>><i> Upon execution : i get the following error with curl
</I>>>>>><i>
</I>>>>>><i> About to connect() to localhost port 8443 (#0)
</I>>>>>><i> * Trying ::1... Connexion refusée
</I>>>>>><i> * Trying 127.0.0.1... connected
</I>>>>>><i> * Connected to localhost (127.0.0.1) port 8443 (#0)
</I>>>>>><i> * Initializing NSS with certpath: sql:/etc/pki/nssdb
</I>>>>>><i> * NSS error -8018
</I>>>>>><i> * Closing connection #0
</I>>>>>><i> * Problem with the SSL CA cert (path? access rights?)
</I>>>>>><i> curl: (77) Problem with the SSL CA cert (path? access rights?)
</I>>>>>><i>
</I>>>>>><i>
</I>>>>>><i> cmd = curl -vv --cacert priv/cert/cowboy-ca.crt -i <A HREF="https://localhost:8443/">https://localhost:8443/</A>
</I>>>>>><i>
</I>>>>>><i> cacert path checked.
</I>>>>>><i> read permission checked
</I>>>>>><i>
</I>>>>>><i> I’ve tested with a browser and get a connection error.
</I>>>>>><i>
</I>>>>>><i> Any clue ?
</I>>>>>><i>
</I>>>>>><i> Samir
</I>>>>>><i>
</I>>>>>><i>
</I>>>>>><i> _______________________________________________
</I>>>>>><i> Extend mailing list
</I>>>>>><i> <A HREF="https://lists.ninenines.eu/listinfo/extend">Extend at lists.ninenines.eu</A>
</I>>>>>><i> <A HREF="https://lists.ninenines.eu/listinfo/extend">https://lists.ninenines.eu/listinfo/extend</A>
</I>>>>>><i>
</I>>>>><i>
</I>>>>><i> --
</I>>>>><i> Loïc Hoguin
</I>>>>><i> <A HREF="http://ninenines.eu">http://ninenines.eu</A>
</I>>>><i>
</I>>><i>
</I>>><i> --
</I>>><i> Loïc Hoguin
</I>>><i> <A HREF="http://ninenines.eu">http://ninenines.eu</A>
</I>><i>
</I>
--
Loïc Hoguin
<A HREF="http://ninenines.eu">http://ninenines.eu</A>
</PRE>
<!--endarticle-->
<HR>
<P><UL>
<!--threads-->
<LI>Previous message: <A HREF="000370.html">[99s-extend] ssl_hello_world
</A></li>
<LI>Next message: <A HREF="000372.html">[99s-extend] ssl
</A></li>
<LI> <B>Messages sorted by:</B>
<a href="date.html#371">[ date ]</a>
<a href="thread.html#371">[ thread ]</a>
<a href="subject.html#371">[ subject ]</a>
<a href="author.html#371">[ author ]</a>
</LI>
</UL>
<hr>
<a href="https://lists.ninenines.eu/listinfo/extend">More information about the Extend
mailing list</a><br>
</body></html>
|