crash_reason : options: key when trying to connect with SSL #103

Open
phtrivier opened this issue Apr 9, 2019 · 3 comments

@phtrivier

We're trying to connect to a broker with SSL.
We're basically doing:

    transport = {
      Tortoise.Transport.SSL,
      host: ".....",
      port: 8883,
      cacertfile: ["path/to/cacert.pem"],
      keyfile: "/path/to/key.pem",
      certfile: "/path/to/cert.pem",
      verify: :verify_none
    }

    {:ok, pid} = Tortoise.Connection.start_link(
      client_id: "....",
      server: transport,
      user_name: "....",
      password: "....",
      handler: {OurApp.Handler, :ok}
    )

When we do things with path to files, we're able to connect.

However, when we try to do the same thing with strings that represent the base64 version of the DER-encoded files for cacerts, key, and path, we get an error:

    transport = {
      Tortoise.Transport.SSL,
      host: ".....",
      port: 8883,
      cacert: [@cacert_der_base64 |> Base.decode64!()],
      keyfile: @key_der_base64 |> Base.decode64!(),
      certfile: @cert_der_base64 |> Base.decode64!(),
      verify: :verify_none
    }

    {:ok, pid} = Tortoise.Connection.start_link(
      client_id: "....",
      server: transport,
      user_name: "....",
      password: "....",
      handler: {OurApp.Handler, :ok}
    )

Then the connection fails, and the Tortoise.Connection server crashes with this error:

ex(1)> [20:36:11.957] [error] <GenServer {Tortoise.Registry, {Tortoise.Connection, OurApp.Handler}} terminating
** (stop) {:options, {:key, <<48, 130, ...>>}}
Last message: :connect
State: %Tortoise.Connection{backoff: %Tortoise.Connection.Backoff{max_interval: 30000, min_interval: 100, value: 100}, client_id: OurApp.Handler, connect: %Tortoise.Package.Connect{__META__: %Tortoise.Package.Meta{flags: 0, opcode: 1}, clean_session: true, client_id: OurApp.Handler, keep_alive: 60, password: "...", protocol: "MQTT", protocol_version: 4, user_name: "...", will: nil}, keep_alive: nil, opts: [client_id: "...", handler: {OurAppHandler, :ok}], server: %Tortoise.Transport{host: '...', opts: [:binary, {:packet, :raw}, {:active, false}, {:key, <<48, 130, 4,  ...>>}, {:cert, <<48, 130, 5, , ...>>}, {:cacerts, [<<48, 130, 4, 7,  ...>>]}, {:verify, :verify_peer}], port: 8883, type: Tortoise.Transport.SSL}, status: :down, subscriptions: %Tortoise.Package.Subscribe{__META__: %Tortoise.Package.Meta{flags: 2, opcode: 8}, identifier: nil, topics: []}}> [
  crash_reason: {{:options,
    {:key,
     <<48, 130, 4,  ...>>}}, []},
  function: "error_info/7",
  module: :gen_server,
  line: 888,
  file: "gen_server.erl",
  pid: #PID<0.284.0>
]

What could this error mean? Is it possible that we need to convert the binary to something else?

@gausby
Owner

gausby commented Apr 10, 2019

The SSL transport is using the Erlang :ssl module in the background, so try converting the options given as binaries to charlists by using to_charlist/1; does that solve the problem?

@phtrivier
Author

Yes, we tried that (converting every option, only the key, etc.), but we got an error at the line doing the to_charlist (I don't have the code available right now, so I cannot give you the error any more, sorry.)

Is it possible that a key contains data that cannot be converted to a charlist?

@rbino
Contributor

rbino commented May 28, 2019

This also bit me when I started using Tortoise - you have to pass the key in Erlang's ssl format, e.g. {:RSAPrivateKey, der_binary_key}.

I've made a PR to clarify the doc #108
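
An added example, not code from the issue or from Tortoise: the `{type, der}` key format described in the last comment, built either from a DER binary or from PEM text. `SslKeyOpts` and its functions are hypothetical names; the `key`, `cert` and `cacerts` option names are the ones visible in the crash state above, and `verify: :verify_peer` is chosen here so that the `cacerts` list is actually checked.

```elixir
defmodule SslKeyOpts do
  # Hypothetical helper (not part of Tortoise). Builds the in-memory options
  # Erlang's :ssl expects in place of keyfile/certfile/cacertfile paths.
  @key_types [:RSAPrivateKey, :DSAPrivateKey, :ECPrivateKey, :PrivateKeyInfo]

  # A DER key must be tagged with its ASN.1 type. Passing the bare binary is
  # what produces {:options, {:key, <<48, 130, ...>>}}. PKCS#8 keys use
  # :PrivateKeyInfo.
  def key_from_der(type, der) when type in @key_types and is_binary(der),
    do: {type, der}

  # PEM text already names the type in its header, so take it from there.
  def key_from_pem(pem) when is_binary(pem) do
    case :public_key.pem_decode(pem) do
      [{type, der, :not_encrypted}] when type in @key_types -> {type, der}
      [{_type, _der, _cipher}] -> raise ArgumentError, "encrypted or unsupported PEM key"
      _ -> raise ArgumentError, "expected exactly one PEM entry"
    end
  end

  # cert is a DER binary and cacerts a list of DER binaries; neither is tagged.
  def transport(host, port, key, cert_der, cacert_ders) do
    {Tortoise.Transport.SSL,
     host: host,
     port: port,
     key: key,
     cert: cert_der,
     cacerts: cacert_ders,
     verify: :verify_peer}
  end
end

# Constructed sample input: a throwaway RSA key generated in memory.
rsa = :public_key.generate_key({:rsa, 2048, 65537})
der = :public_key.der_encode(:RSAPrivateKey, rsa)
key_der_base64 = Base.encode64(der)

key = SslKeyOpts.key_from_der(:RSAPrivateKey, Base.decode64!(key_der_base64))
{:RSAPrivateKey, <<48, 130, _rest::binary>>} = key

# The same key supplied as PEM yields the identical tuple.
pem = :public_key.pem_encode([{:RSAPrivateKey, der, :not_encrypted}])
^key = SslKeyOpts.key_from_pem(pem)
```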
