Skip to content

Commit

Permalink
Simplify ssl_opts generation in runtime.exs
Browse files Browse the repository at this point in the history
  • Loading branch information
@wmnnd
wmnnd committed Jan 5, 2022
1 parent d15723c commit 2758033
Showing 1 changed file with 6 additions and 13 deletions.
19 changes: 6 additions & 13 deletions config/runtime.exs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,21 +26,14 @@ if config_env() == :prod do
ssl = System.get_env("DB_ENABLE_SSL") in [1, "1", "true", "TRUE"]
ca_cert_pem = System.get_env("DB_CA_CERT")

ca_cert_der =
ssl_opts =
if ca_cert_pem not in [nil, ""] do
ca_cert_pem
|> :public_key.pem_decode()
|> then(fn [pem_entry] -> :public_key.pem_entry_decode(pem_entry) end)
|> then(fn x -> :public_key.der_encode(:Certificate, x) end)
end
cacerts =
ca_cert_pem
|> :public_key.pem_decode()
|> Enum.map(fn {_, der_or_encrypted_der, _} -> der_or_encrypted_der end)

ssl_opts =
if ca_cert_der do
[
verify: :verify_peer,
cacerts: [ca_cert_der],
verify_fun: &:ssl_verify_hostname.verify_fun/3
]
[verify: :verify_peer, cacerts: cacerts]
else
[]
end
Expand Down

0 comments on commit 2758033

Please sign in to comment.