g-andrade

g-andrade

Tls_certificate_check: TLS/SSL certificate verification for humans

Hi forum,

I’ve the pleasure to announce the release of tls_certificate_check, a library that packs the boilerplate required for verifying the authenticity of certificates presented by TLS servers against a list of trusted certificate authorities.

It wraps certifi and ssl_verify_fun together with the code required for verifying certificate chains in non canonical order.

It’s simple enough to use:

host = "example.com"
port = 443
tls_options = :tls_certificate_check.options(host)
:ssl.connect(host, 443, tls_options)

You’ll no longer need to copy the usual CA validation boilerplate everywhere!

Most Liked

g-andrade

g-andrade

tls_certificate_check 1.12.0 is out :tada:

New CAs:

  • vtrus ecc root ca
  • isrg root x2
  • vtrus root ca
  • HiPKI Root CA - G1
  • Autoridad de Certificacion Firmaprofesional CIF A62634068

Updated CAs:

  • gts root r4
  • gts root r3
  • gts root r1
  • gts root r2
  • GlobalSign ECC Root CA - R4

Removed CAs:

  • GlobalSign Root CA - R2
  • cybertrust global root
g-andrade

g-andrade

That took me a while!

tls_certificate_check 1.17.0 is out, and it does a couple of cool new things.

For OTP 25+, it now uses OTP-trusted CAs by default - if any / when available, falling back to the bundled CAs otherwise (this is tweakable).

This version also supports overriding the trusted CAs (say, if you’d wish to use CAStore instead.)

kip

kip

ex_cldr Core Team

This looks great, thanks for the lib. Would you consider also wrapping castore as an option?

Where Next?

Popular in Announcing Top

danschultzer
In short Plug n’ play OAuth 2.0 provider library. Just set up a resource owner schema with Ecto (your user schema), install the dependen...
New
sasajuric
I’d like to announce a small library called boundaries. This is an experimental project which explores the idea of enforcing boundaries ...
New
josevalim
Hi everyone, We would like to announce that Plataformatec is working on a new MySQL driver called MyXQL. Our goal is to eventually integ...
New
brainlid
LangChain is short for Language Chain. An LLM, or Large Language Model, is the “Language” part. This library makes it easier for Elixir a...
New
bryanjos
Hi, I wanted share a small library we at Revelry Labs made for rendering react components from the server side. There are instructions fo...
New
RobertDober
Earmark is a pure-Elixir Markdown converter. It is intended to be used as a library (just call Earmark.as_html), but can also be used as...
239 12645 134
New
michalmuskala
Another small library today. PersistentEts Hex: persistent_ets | Hex GitHub: GitHub - michalmuskala/persistent_ets · GitHub Ets table ...
New
hpopp
After just over two years in development, this latest version of Pigeon is what I finally consider done in regards to my original vision ...
New
woylie
I released Doggo, a collection of unstyled Phoenix components. https://github.com/woylie/doggo Features Unstyled Phoenix components....
New
mplatts
With HEEX released we decided to start a components library using Tailwind CSS - check it out here: Petal Components. We also have a boi...
New

Other popular topics Top

danschultzer
None of the current solutions worked well for me, so I went ahead and built a user management system from scratch. This project took far...
548 29603 241
New
senggen
Erlang/OTP 25 [erts-13.2.2] [source] [64-bit] [smp:8:8] [ds:8:8:10] [async-threads:1] 15:22:35.803 [error] gen_event {lager_file_backend...
New
baxterw3b
Hi guys, i’m new in the Elixir world, and i have to say, that i love it! i’m having some problem to understand anonymous functions with ...
New
chrismccord
As promised, the first release candidate of Phoenix 1.3.0 is out! This release focuses on code generators with improved project structure...
New
albydarned
Hello all! I am typing this post from my new MacBook Pro with the M1 chip. I’m loving it so far, and will probably use it as my daily dr...
New
johnnyicon
Hi all, I’ve just started learning Elixir and Phoenix Framework, so please pardon my n00bness at this stage. I’m trying to use Postgres...
New
fireproofsocks
Forgive me if this is obvious, but how does one delete a database record WITHOUT selecting it first? Ecto.Repo — Ecto v3.14.0 has exampl...
New
belgoros
I’m not a pro in using Regex and can’t figure out why the following behaviour happens, especially if we take into account the difference ...
New
joaquinalcerro
Hi there, I am working with Ecto-Postgresql and I need to call all of the records from a specific table but the table has 40,000 records...
New
jononomo
For some reason my phoenix channels are working for me in my local dev environment, but as soon as I deploy via Docker, I get a 403 error...
New

Latest on Elixir Forum

Elixir Forum

We're in Beta

About us Mission Statement