Hi everybody,
I am using Aleph for my app and I am currently trying to add a middleware verify my ssl certificates.
As for now, I handle the SSL in an ALB in front of the EC2 so the ALB handles the redirect from http to https.
However, since I only have one EC2 instance, the ALB is quite overkill and I want my app to handle the ssl directly.
I am often very confused when it comes to SSL. I see in the Aleph doc, we can provide a :ssl-context.
There seem to be a wrapper also aleph.ssl/wrap-aleph-ssl.
How can I add my certificates to the config so Netty can create the context used by Aleph?
Also, do I need both server context and client context?
Hello Loic!
I never used aleph.ssl/wrap-aleph-ssl so I cannot really say.
But here you will find an example about how both a server and a client can be created. [1]
For the server, you just need to pass a ssl-context
when starting it as an option.
For the client, you need to create and configure a connection-pool that need to be passed as a pool parameter when calling your http/request (get, post ...) functions.
[1] : https://github.com/clj-commons/aleph/blob/8efad423c4df7b1a7b82a245045d1a21b4b0fc3d/test/aleph/http_test.clj#L271-L285
Here you can find some examples about how to create the various SSL contexts : https://github.com/clj-commons/aleph/blob/8efad423c4df7b1a7b82a245045d1a21b4b0fc3d/test/aleph/ssl.clj#L46-L63
@loic Where did you find wrap-aleph-ssl? That's not in the Aleph code base. The only aleph.ssl namespace is for testing, and I don't see it there, either
@kingmob Was some code suggested by chatGPT, no idea where it got that info
@arnaudgeiser Thank you! I will try that
Heh. Please watch out for GPT hallucinations.