<div dir="ltr"><div>Hello list,</div><div><br></div><div>I've the pleasure to announce the release of `tls_certificate_check`, a library that packs the boilerplate required for verifying the authenticity of certificates presented by TLS servers against a list of trusted certificate authorities.</div><div><br></div><div>It wraps `certifi`[1] and `ssl_verify_fun`[2] together with the code required for verifying certificate chains in non canonical order.<br></div><div><br></div><div>It's simple enough to use:<br><br></div><div>    Host = "<a href="http://example.com">example.com</a>",<br></div><div>    Port = 443,<br></div><div>    TLSOptions = tls_cerificate_check:options(Host),<br></div><div>    ssl:connect(Host, 443, TLSOptions).<br><br></div><div>You'll no longer need to copy the usual CA validation boilerplate everywhere!<br></div><div><br></div><div>* Hex package: <a href="https://hex.pm/packages/tls_certificate_check/1.0.0">https://hex.pm/packages/tls_certificate_check/1.0.0</a><br></div><div>* Documentation: <a href="https://hexdocs.pm/tls_certificate_check/1.0.0/">https://hexdocs.pm/tls_certificate_check/1.0.0/</a><br></div><div>* Source code (GitHub): <a href="https://github.com/g-andrade/tls_certificate_check/tree/1.0.0">https://github.com/g-andrade/tls_certificate_check/tree/1.0.0</a><br></div><div>* Source code (GitLab): <a href="https://gitlab.com/g-andrade/tls_certificate_check/-/tree/1.0.0">https://gitlab.com/g-andrade/tls_certificate_check/-/tree/1.0.0</a></div><br><div>[1]: <a href="https://github.com/certifi/erlang-certifi">https://github.com/certifi/erlang-certifi</a><br>[2]: <a href="https://github.com/deadtrickster/ssl_verify_fun.erl">https://github.com/deadtrickster/ssl_verify_fun.erl</a></div><div><div><br>-- <br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr">Guilherme<br></div></div></div></div></div></div></div></div></div>