aleph

Loic 2023-05-03T14:34:41.791989Z

Hi everybody, I am using Aleph for my app and I am currently trying to add a middleware verify my ssl certificates. As for now, I handle the SSL in an ALB in front of the EC2 so the ALB handles the redirect from http to https. However, since I only have one EC2 instance, the ALB is quite overkill and I want my app to handle the ssl directly. I am often very confused when it comes to SSL. I see in the Aleph doc, we can provide a :ssl-context. There seem to be a wrapper also aleph.ssl/wrap-aleph-ssl. How can I add my certificates to the config so Netty can create the context used by Aleph? Also, do I need both server context and client context?

Arnaud Geiser 2023-05-03T15:01:29.217039Z

Hello Loic! I never used aleph.ssl/wrap-aleph-ssl so I cannot really say. But here you will find an example about how both a server and a client can be created. [1] For the server, you just need to pass a ssl-context when starting it as an option. For the client, you need to create and configure a connection-pool that need to be passed as a pool parameter when calling your http/request (get, post ...) functions. [1] : https://github.com/clj-commons/aleph/blob/8efad423c4df7b1a7b82a245045d1a21b4b0fc3d/test/aleph/http_test.clj#L271-L285

Arnaud Geiser 2023-05-03T15:05:34.218659Z

Here you can find some examples about how to create the various SSL contexts : https://github.com/clj-commons/aleph/blob/8efad423c4df7b1a7b82a245045d1a21b4b0fc3d/test/aleph/ssl.clj#L46-L63

Matthew Davidson 2023-05-04T03:37:52.478779Z

@loic Where did you find wrap-aleph-ssl? That's not in the Aleph code base. The only aleph.ssl namespace is for testing, and I don't see it there, either

Loic 2023-05-04T03:39:25.200069Z

@kingmob Was some code suggested by chatGPT, no idea where it got that info

Loic 2023-05-04T03:39:46.578849Z

@arnaudgeiser Thank you! I will try that

Matthew Davidson 2023-05-04T03:54:28.603539Z

Heh. Please watch out for GPT hallucinations.