voluntas/gun_bad_certificate.md Secret

## gun_bad_certificate.md

      
    Raw
  

              gun_bad_certificate.md
            
          
    ssl alert

The client did not send a client certificate and the server is sending a Bad Certificate Alert.
Uri = #{scheme := Scheme, host := Host, path := Path} = uri_string:parse(<<"https://localhost:48080/test">>).
Transport = tls.
Port = 48080.
Hostname = binary_to_list(Host).
application:ensure_all_started(gun).
application:get_key(gun, vsn).
TlsOpts = [{versions, ['tlsv1.3', 'tlsv1.2']}, {verify, verify_none}, {server_name_indication, Hostname}].
dbg:tracer().
dbg:tpl(gun_tls, connect, []).
dbg:tpl(ssl_alert, []).
dbg:p(all, c).
{ok, ConnPid} = gun:open(Hostname, Port, #{transport => Transport, protocols => [http2], tls_opts => TlsOpts}).

13> (<0.256.0>) call gun_tls:connect(#Port<0.9>,[{alpn_advertised_protocols,[<<"h2">>]},
 {client_preferred_next_protocols,{client,[<<"h2">>],<<"http/1.1">>}},
 {alpn_advertised_protocols,[<<"h2">>]},
 {client_preferred_next_protocols,{client,[<<"h2">>],<<"http/1.1">>}},
 {versions,['tlsv1.3','tlsv1.2']},
 {verify,verify_none},
 {server_name_indication,"localhost"}],infinity)
(<0.264.0>) call ssl_alert:decode(<<2,42>>)
(<0.264.0>) call ssl_alert:decode(<<2,42>>,[],0)
(<0.264.0>) call ssl_alert:alert_format("TLS",client,connection,{alert,2,42,
       #{line => 136,file => "ssl_alert.erl",mfa => {ssl_alert,decode,3}},
       server,undefined})
=NOTICE REPORT==== 23-May-2023::09:27:44.876177 ===
TLS client: In state connection received SERVER ALERT: Fatal - Bad Certificate

(<0.264.0>) call ssl_alert:alert_prefix_format("TLS",client,connection)
(<0.264.0>) call ssl_alert:alert_format({alert,2,42,
       #{line => 136,file => "ssl_alert.erl",mfa => {ssl_alert,decode,3}},
       server,undefined})
(<0.264.0>) call ssl_alert:alert_txt({alert,2,42,
       #{line => 136,file => "ssl_alert.erl",mfa => {ssl_alert,decode,3}},
       server,undefined})
(<0.264.0>) call ssl_alert:level_txt(2)
(<0.264.0>) call ssl_alert:description_txt(42)
(<0.264.0>) call ssl_alert:reason_code({alert,2,42,
       #{line => 136,file => "ssl_alert.erl",mfa => {ssl_alert,decode,3}},
       server,undefined},client,"TLS",connection)
(<0.264.0>) call ssl_alert:alert_format("TLS",client,connection,{alert,2,42,
       #{line => 136,file => "ssl_alert.erl",mfa => {ssl_alert,decode,3}},
       server,undefined})
(<0.264.0>) call ssl_alert:alert_prefix_format("TLS",client,connection)
(<0.264.0>) call ssl_alert:alert_format({alert,2,42,
       #{line => 136,file => "ssl_alert.erl",mfa => {ssl_alert,decode,3}},
       server,undefined})
(<0.264.0>) call ssl_alert:alert_txt({alert,2,42,
       #{line => 136,file => "ssl_alert.erl",mfa => {ssl_alert,decode,3}},
       server,undefined})
(<0.264.0>) call ssl_alert:level_txt(2)
(<0.264.0>) call ssl_alert:description_txt(42)
(<0.264.0>) call ssl_alert:description_atom(42)