CODEWITHSUNDEEP
sslerlangelixir
Istvan
Istvan

Reputation: 8562

How can I get TLS working with Erlang 21?

I have the following problem:

Elixir

[centos@ip-172-172-3-49 helix]$ env MIX_ENV=prod mix release
Could not find Hex, which is needed to build dependency :plug_cowboy
Shall I install Hex? (if running non-interactively, use "mix local.hex --force") [Yn] Y

18:12:32.462 [info]  ['TLS', 32, 'client', 58, 32, 73, 110, 32, 115, 116, 97, 116, 101, 32, 'hello', 32, 'received SERVER ALERT: Fatal - Handshake Failure', 10]
** (Mix) httpc request failed with: {:failed_connect, [{:to_address, {'repo.hex.pm', 443}}, {:inet6, [:inet6], :enetunreach}, {:inet, [:inet], {:tls_alert, 'handshake failure'}}]}

Could not install Hex because Mix could not download metadata at https://repo.hex.pm/installs/hex-1.x.csv.

I guess the root cause is this with Erlang

Erlang/OTP 21 [erts-10.2.1] [source] [64-bit] [smp:36:36] [ds:36:36:10] [async-threads:1] [hipe]
1> ssl:start().
ok
2> Sock = fun() -> {ok, S} = gen_tcp:connect("google.com", 443, []), S end.
#Fun<erl_eval.20.128620087>
3>  ssl:connect(Sock(), []).
=INFO REPORT==== 28-Dec-2018::18:10:30.019612 ===
TLS client: In state hello received SERVER ALERT: Fatal - Handshake Failure
{error,{tls_alert,"handshake failure"}}

Is there a workaround for this yet? Os is Centos 7.

Update1

On MacOS it works:

Erlang/OTP 21 [erts-10.2] [source] [64-bit] [smp:6:6] [ds:6:6:10] [async-threads:1] [hipe] [dtrace]

Eshell V10.2  (abort with ^G)
1> ssl:start().
ok
2>  Sock = fun() -> {ok, S} = gen_tcp:connect("google.com", 443, []), S end.
#Fun<erl_eval.20.128620087>
3>  ssl:connect(Sock(), []).
{ok,{sslsocket,{gen_tcp,#Port<0.6>,tls_connection,undefined},
               [<0.100.0>,<0.99.0>]}}
4>

Upvotes: 0

Views: 683

Answers (2)

Istvan
Istvan

Reputation: 8562

It turns out that the Erlang RPM I was using does not support the new SSL in Erlang properly.

https://github.com/rabbitmq/erlang-rpm/releases/download/v21.2.1/erlang-21.2.1-1.el7.centos.x86_64.rpm

Using a different version from Erlang Solutions works fine:

https://packages.erlang-solutions.com/erlang/esl-erlang/FLAVOUR_1_general/esl-erlang_21.2-1~centos~7_amd64.rpm

Upvotes: 1

Xypron
Xypron

Reputation: 2483

ssl:connect/2 is described here: http://erlang.org/doc/man/ssl.html#connect-2.

Connecting is as easy as:

ssl:start().
ssl:connect("www.google.com", 443, []).

Upvotes: 0

Related Questions