On MacOS, when using self-signed certificates generated via mix phx.gen.cert for local testing,
the browser fails with ERR_SSL_PROTOCOL_ERROR and I see this in the server logs:
[notice] TLS :server: In state :wait_finished received CLIENT ALERT: Fatal - Decode Error
Workaround:
Don’t generate certificates via mix phx.gen.cert, but via
openssl req -x509 -newkey rsa:4096 -keyout priv/cert/selfsigned_key.pem -out priv/cert/selfsigned.pem -sha256 -days 365 -nodes -subj “/CN=localhost” -addext “subjectAltName=DNS:localhost,IP:127.0.0.1”
I’m not sure why this happens, and if the problem has always existed.
I recently re-generated the certificates for the first time in a while, and was faced with this error.
This did not help: Reverting from OTP 28 to OTP 27.
There are some similar reports here in the forum, but none for exactly this error.
If anyone knows what is going on, I’d love to hear more.
Otherwise, the workaround is fine for now.
