New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
handshake failure - malformed_handshake_data on Erlang 19.1, Mac OS Sierra, Homebrew Openssl #362
Comments
This appears to be related to Erlang being compiled with
and if I explicitly take out all of the EC ciphers from the explicit list, then it works:
|
mmm so I probably need to check if these ciphers are available first. Thanks for the info. Patch is coming :) |
I think I am having a similar issue. I started a new project and it was using 1.6.3. I rolled it back to 1.6.1 and things seem to work now. |
It seems we are too strict for some servers. Will go for a less strict mode
|
Had any luck with the patch? Anything we can do to help? |
Any updates on this? It generally makes the 1.6.2 and 1.6.3 versions unusable. |
i don't reproduce it on macosx sierra with latest openssl from homebrew. but a fix is coming. |
Thank you. |
- httpoison depends hackney 1.6.3 - hackney 1.6.3 has bugs. - benoitc/hackney#362
any updates? use hackney 1.6.6 but still receive same error:
macosx sierra |
can you try the latest version of hackney?
…On Sun, 26 Feb 2017 at 12:56, Gittel Volpo ***@***.***> wrote:
any updates?
use hackney 1.6.6 but still receive same error:
[error] SSL: :certify: tls_connection.erl:704:Fatal error: handshake
failure - malformed_handshake_data
{:hackney, "1.6.6", override: true},
macosx sierra
OpenSSL 0.9.8zh 14 Jan 2016
Erlang/OTP 19
Elixir 1.4.2
—
You are receiving this because you modified the open/close state.
Reply to this email directly, view it on GitHub
<#362 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAA4okfdOvRR73OZPC32q78RYA-3vmttks5rgWh0gaJpZM4Ku34d>
.
|
i'm use it. 1.6.6 (tagged 2 hours ago..) |
---->
-----> all fine |
@gVolop did you change the version of Erlang? Which version of openssl is installed on your system? So far I need a way to reproduce this issue. The only change in the current version is that hackney is now more strict and use latest certificates from the Mozila project. Is this a public server? Is there any link I can test? If not what is the SSL configuration of your server? Also can you enable the tracing in hackney and provide me a full trace? |
@gVolop also this ticket is closed. It may be not the same issue. I would appreciate a new ticket with all the info above if you can that would help a lot :) |
@benoitc here is the new ticket |
The explicit specification of the cipher list in
hackney_ssl.erl
causes TLS handshake error with AWS S3 endpointwhich ultimately comes down to the following in hackney_ssl:
but if we remove explicitly setting the
{ciphers, ?DEFAULT_CIPHERS}
option:This occurs on Mac OS Sierra w/homebrew latest openssl, but it seems like it would not be limited to just this platform, although I have not had time to validate that yet.
The text was updated successfully, but these errors were encountered: