The Secure Socket Layer (SSL) application provides secure socket communication over TCP/IP.
In previous versions of Erlang/OTP SSL it was advised, as a work-around, to set the operating system environment variable SSL_CERT_FILE to point at a file containing CA certificates. That variable is no longer needed, and is not recognised by Erlang/OTP SSL any more.
However, the OpenSSL package does interpret that environment variable. Hence a setting of that variable might have unpredictable effects on the Erlang/OTP SSL application. It is therefore adviced to not used that environment variable at all.
The following application environment configuration parameters are defined for the SSL application. Refer to application(3) for more information about configuration parameters.
Note that the environment parameters can be set on the command line, for instance,
erl ... -ssl protocol_version '[sslv2,sslv3]' ....
The current implementation of the Erlang SSL application is based on the OpenSSL package version 0.9.7 or higher. There are source and binary releases on the web.
Source releases of OpenSSL can be downloaded from the OpenSSL project home page, or mirror sites listed there.
The same URL also contains links to some compiled binaries and libraries of OpenSSL (see the Related/Binaries menu) of which the Shining Light Productions Win32 and OpenSSL pages are of interest for the Win32 user.
For some Unix flavours there are binary packages available on the net.
If you cannot find a suitable binary OpenSSL package, you have to fetch an OpenSSL source release and compile it.
You then have to compile and install the libraries libcrypto.so and libssl.so (Unix), or the libraries libeay32.dll and ssleay32.dll (Win32).
For Unix The ssl_esock port program is delivered linked to OpenSSL libraries in /usr/local/lib, but the default dynamic linking will also accept libraries in /lib and /usr/lib.
If that is not applicable to the particular Unix operating system used, the example Makefile in the SSL priv/obj directory, should be used as a guide to relinking the final version of the port program.
For Win32 it is only required that the libraries can be found from the PATH environment variable, or that they reside in the appropriate SYSTEM32 directory; hence no particular relinking is need. Hence no example Makefile for Win32 is provided.
Users must be aware of export restrictions and patent rights concerning cryptographic software.
application(3)