CertMagex

Automatic SSL certs from Let’s Encrypt for your Phoenix applications. This is based on the ZeroSSL library which is used for the ACME handshake. Plugging into the sni_fun and the name is inspired by similar functionality of the golang certmagic library.

This is used in the real world for example on https://tcpbin.net.

Installation

For Cowboy add to your prod.exs:

config <your_app>, <your_endpoint>,
  https: [port: 443, sni_fun: &CertMagex.sni_fun/1],
  # ATTENTION: Ensure you comment http: out and port 80 is free!
  ...

For Bandit add to your prod.exs:

config <your_app>, <your_endpoint>,
  https: [port: 443, thousand_island_options: [transport_options: [sni_fun: &CertMagex.sni_fun/1]]],
  # ATTENTION: Ensure you comment http: out and port 80 is free!
  ...

And add this to your deps:

def deps do
  [
    {:certmagex, "~> 1.0"}
  ]
end

You’re done!

Optional Configuration values

The following configuration values are optional and can be set in your config.exs file.

Example config.exs

config :certmagex,
  provider: :zerossl,
  account_key: System.get_env("ZEROSSL_ACCOUNT_KEY"),
  addr: "0.0.0.0",
  user_email: "your@email.com",
  storage_module: CertMagex.Storage.Acmev2Adapter

Notes

Generated certificates are by default stored in $HOME/.local/share/certmagex but the XDG_DATA_HOME variable is respected.

This wouldn’t be possible without the Acmev2 module from zerossl https://hex.pm/packages/zerossl