<div dir="ltr"><div>Hello list,<br><br></div><div>`tls_certificate_check 1.9.0` is out!</div><div><br></div><div>Highlights:<br>- changed partial chain handling to prepare for DST Root CA X3 expiration[*] on September 30<br>- switched documentation from edoc to ExDoc<br><br>Links:<br>- Hex package: <a href="https://hex.pm/packages/tls_certificate_check/1.9.0">https://hex.pm/packages/tls_certificate_check/1.9.0</a><br>- Documentation: <a href="https://hexdocs.pm/tls_certificate_check/1.9.0/">https://hexdocs.pm/tls_certificate_check/1.9.0/</a><br>- Source code (GitHub): <a href="https://github.com/g-andrade/tls_certificate_check/tree/1.9.0">https://github.com/g-andrade/tls_certificate_check/tree/1.9.0</a><br>- Source code (GitLab): <a href="https://gitlab.com/g-andrade/tls_certificate_check/-/tree/1.9.0">https://gitlab.com/g-andrade/tls_certificate_check/-/tree/1.9.0</a><br><br>[*]: <a href="https://blog.voltone.net/post/30">https://blog.voltone.net/post/30</a></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, 21 May 2020 at 02:44, Guilherme Andrade <<a href="mailto:g@gandrade.net">g@gandrade.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>Hello list,</div><div><br></div><div>I've the pleasure to announce the release of `tls_certificate_check`, a library that packs the boilerplate required for verifying the authenticity of certificates presented by TLS servers against a list of trusted certificate authorities.</div><div><br></div><div>It wraps `certifi`[1] and `ssl_verify_fun`[2] together with the code required for verifying certificate chains in non canonical order.<br></div><div><br></div><div>It's simple enough to use:<br><br></div><div>    Host = "<a href="http://example.com" target="_blank">example.com</a>",<br></div><div>    Port = 443,<br></div><div>    TLSOptions = tls_cerificate_check:options(Host),<br></div><div>    ssl:connect(Host, 443, TLSOptions).<br><br></div><div>You'll no longer need to copy the usual CA validation boilerplate everywhere!<br></div><div><br></div><div>* Hex package: <a href="https://hex.pm/packages/tls_certificate_check/1.0.0" target="_blank">https://hex.pm/packages/tls_certificate_check/1.0.0</a><br></div><div>* Documentation: <a href="https://hexdocs.pm/tls_certificate_check/1.0.0/" target="_blank">https://hexdocs.pm/tls_certificate_check/1.0.0/</a><br></div><div>* Source code (GitHub): <a href="https://github.com/g-andrade/tls_certificate_check/tree/1.0.0" target="_blank">https://github.com/g-andrade/tls_certificate_check/tree/1.0.0</a><br></div><div>* Source code (GitLab): <a href="https://gitlab.com/g-andrade/tls_certificate_check/-/tree/1.0.0" target="_blank">https://gitlab.com/g-andrade/tls_certificate_check/-/tree/1.0.0</a></div><br><div>[1]: <a href="https://github.com/certifi/erlang-certifi" target="_blank">https://github.com/certifi/erlang-certifi</a><br>[2]: <a href="https://github.com/deadtrickster/ssl_verify_fun.erl" target="_blank">https://github.com/deadtrickster/ssl_verify_fun.erl</a></div><div><div><br>-- <br><div dir="ltr"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr">Guilherme<br></div></div></div></div></div></div></div></div></div>
</blockquote></div>