Hey there,
you’re getting tired of setting up your SSL private keys manually? Worry no longer CertMagex allows you to get automatic certificates for your domain from Let’s Encrypt.
For Cowboy (standard before) add this to your prod.exs:
config <your_app>, <your_endpoint>,
https: [port: 443, sni_fun: &CertMagex.sni_fun/1],
# ATTENTION: Ensure you comment http: out and port 80 is free!
...
For Bandit (standard in newer Phoenix templates) add this to your prod.exs:
config <your_app>, <your_endpoint>,
https: [port: 443, thousand_island_options: [transport_options: [sni_fun: &CertMagex.sni_fun/1]]],
# ATTENTION: Ensure you comment http: out and port 80 is free!
...
And add this to your deps:
def deps do
[
{:certmagex, "~> 1.0.0"}
]
end
You’re done!
The let’s encrypt handshake is done by the zerossl library GitHub - riccardomanfrin/zerossl: Acme V2 protocol for ZeroSSL library. This is a very early release to get feedback. There are a couple of improvements I would like to see myself:
- Support other TLS ACME handshakes and not only http on port 80
- Setup of a fallback certificate / URL if no sni name is specified
- Let users configure allowlists/blacklists of domain names that should be responded to
- Better error handling, error debouncing and reporting
- Support lower Elixir versions (zerossl dependency only supports Elixir v1.15+)
With all that said, please try CertMagex and give me some feedback
Cheers!