inetc / ssl problem
Andrew Varner
drew.varner@REDACTED
Thu Sep 2 14:15:55 CEST 2021
Eckard,
This document gives an explanation and examples for the ssl module. In your case you need one or more trusted Certificate Authorities to validate the chain of the server’s certificate.
https://github.com/erlef/security-wg/blob/master/docs/secure_coding_and_deployment_hardening/ssl.md
- Drew
> On Sep 2, 2021, at 8:08 AM, Eckard Brauer <eckard.brauer@REDACTED> wrote:
>
> Hello,
>
> I'm bit stuck with trying to avoid an ssl warning when retrieving a
> HTTPS page like that:
>
> ssl:start(),
> inets:start(),
> Url = "https://www.heise.de/newsticker",
> {ok, {{_, 200,__}, _, Contents}} =
> httpc:request(get,
> {Url, []},
> [{ssl, [{verify, verify_none}]}],
> []).
>
> getting that:
> =WARNING REPORT==== 2-Sep-2021::13:46:08.010679 ===
> Description: "Authenticity is not established by certificate path validation"
> Reason: "Option {verify, verify_peer} and cacertfile/cacerts is missing"
> ...
>
>
> What's the reason the warning won't go away with the ssl verify option -
> where's my fault?
>
> Thanks in advance
> Eckard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20210902/8495c4ec/attachment.htm>
More information about the erlang-questions
mailing list