Does HTTPotion Support SNI?

[Preen]

Getting handshake failure when I try to use it against aws cloudfront which currently (if you pick the free version of certificate) only allows clients that supports SNI.

%HTTPotion.ErrorResponse{message: "{:tls_alert, 'handshake failure'}"}

[valpackett]

It should work I think…

What Erlang version are you using? Are you using an HTTP proxy? Can you connect to that domain with raw ssl module? like :ssl.connect('example.com', 443, [])

[Preen]

I want to be able to specify ssl version. With HTTPoision this works.

# Either use this

HTTPoison.get("https://example.com/", [], [ssl: [{:versions, [:'tlsv1.2']}]])

# or worst case:

HTTPoison.get("https://example.com/", [], [ssl: [{:verify, :verify_none}]])

[valpackett]

Damn, Erlang ssl's behavior is so weird, why does it only automatically set SNI if you force TLS 1.2 o_0

You can probably do something like that:

HTTPotion.get("https://example.com/", [ibrowse: [ssl_options: [{:versions, [:'tlsv1.2']}]]])

But it seems like you can also pass the hostname as the server_name_indication option instead of TLS 1.2. HTTPotion should automatically do this. I'll implement that soon.

[valpackett]

Done. SNI should work automatically on current master.