[Bug watch] Erlang and SHA256 SSL certificates

A quick bug watch post to help with Googleability.

If you’re using Erlang (e.g.) with CouchDB in still in use version like Erlang 14 in Ubuntu 12.04, you might get the following error:

[10:35:50.859 UTC] [<0.8389.46>] [error] gen_server <0.8389.46> terminated with reason: {{{badmatch,{error,{asn1,{‘Type not compatible with table constraint’,{{component,’Type’},{value,{5,<<>>}},{unique_name_and_value,id,{1,2,840,113549,1,1,11}}}}}}},[{public_key,pkix_decode_cert,2},{ssl_certificate,trusted_cert_and_path,3},{ssl_handshake,certify,7},{ssl_connection,certify,2},{ssl_connection,next_state,3},{gen_fsm,handle_msg,7},{proc_lib,init_p_do_apply,3}]},{gen_fsm,sync_send_all_state_event,[<0.8390.46>,start,infinity]}}
[10:35:50.860 UTC] [<0.8389.46>] [error] CRASH REPORT Process <0.8389.46> with 0 neighbours exited with reason: {{{badmatch,{error,{asn1,{‘Type not compatible with table constraint’,{{component,’Type’},{value,{5,<<>>}},{unique_name_and_value,id,{1,2,840,113549,1,1,11}}}}}}},[{public_key,pkix_decode_cert,2},{ssl_certificate,trusted_cert_and_path,3},{ssl_handshake,certify,7},{ssl_connection,certify,2},{ssl_connection,next_state,3},{gen_fsm,handle_msg,7},{proc_lib,init_p_do_apply,3}]},{gen_fsm,sync_send_all_state_event,[<0.8390.46>,start,infinity]}} in gen_server:terminate/6

I got this one when trying CouchDB replication via SSL.

The issue? Older Erlang versions do not support SHA256 signed SSL certificates.

It will fail with the above rather useless message which only gives vague hints at what happens (a type mismatch in the decode certificates function).

HTH, HAND.