Password for key in SSL
manuel-rubio opened this issue · 4 comments
I was trying to configure the SSL for Bandit but I just realised my key file is encrypted and it's required that's not unencrypted, so could we specify the password? I can see that Plug.SSL
has the password but that's compiled with the code and I want the possibility to pass that information with the Bandit configuration when it's starting, like certfile
and keyfile
configurations.
When you say 'Plug.SSL has the password' what are you referring to? Thousand Island (and by extension Bandit) are deliberately unaware of the options you pass to the underlying transport; anything you can pass to the underlying Erlang :ssl library is supported, we just pass it through. I'm not aware of any options to the effect you're looking for
Sorry, I was referring that I was using Bandit options like this:
bandit_opts = [
plug: MyApp.Router,
port: 4000,
otp_app: :myapp,
scheme: :https,
certfile: "/certs/path/file.crt",
keyfile: "/cets/path/file.key",
thousand_island_options: [
num_acceptors: 5
]
]
Where could I put the password to unencrypt the key file?
It looks like the password option is what you're looking for. Because it's not one of Bandit's convenience options you'll need to set it manually on the underlying transport:
bandit_opts = [
plug: MyApp.Router,
port: 4000,
otp_app: :myapp,
scheme: :https,
certfile: "/certs/path/file.crt",
keyfile: "/cets/path/file.key",
thousand_island_options: [
num_acceptors: 5,
transport_options: [password: "soopersekrit"]
]
]
that's what I needed, thanks @mtrudel !!!