Closed nickva closed 11 months ago
Seeing
in call from eunit_proc:with_timeout/3 (eunit_proc.erl, line 346)
**error:{badmatch,
{'EXIT',
{{badmatch,
{error,
{options,incompatible,
[{verify,verify_peer},{cacerts,undefined}]}}},
From https://www.erlang.org/blog/otp-26-highlights/#ssl-safer-defaults
Trying to pass {verify, verify_none}
showed another error:
=ERROR REPORT==== 22-Sep-2023::16:16:05.580047 ===
application: mochiweb
"Accept failed error"
"{error,{tls_alert,{handshake_failure,\"TLS server: In state start at tls_server_connection_1_3.erl:686 generated SERVER ALERT: Fatal - Handshake Failure\\n unable_to_supply_acceptable_cert\"}}}"
Could be an issue with the how the certificate was generated (has is old signature algorithm). Looking at included server cert with sha1WithRSAEncryption
:
% openssl x509 -in ./support/test-materials/test_ssl_cert.pem -text -noout
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
92:e4:35:9c:c4:44:f2:14
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=localhost
The updated certificate with Signature Algorithm: sha256WithRSAEncryption
works. Thanks @etrepum!
I added a script that generates a new self-signed cert which appears to work and will be good for whoever looks at this next so they can see how they were generated.
Thank you. That worked. I also noticed the failure afterwards, but It seemed like an unrelated flaky test.