Anybody using Cowboy 2.4 with Phoenix in production?

Just curious if folks are using Cowboy 2.x (latest is 2.4) in production.

We suddenly started getting lots of errors from ssl in the logs:

ssl_handshake.erl:1271 generated CLIENT ALERT: Fatal - Bad Certificate

and apparently, these might go away in the latest version of Cowboy:

https://github.com/ninenines/cowboy/issues/1000

Right Cowboy currently does not disable renegotiation so this could happen. Cowboy 2 will force disable renegotiation entirely (due to HTTP/2 requirements, and related aforementioned issues).

Thanks in advance!

1 Like