{"id":28724126,"url":"https://github.com/processone/pkix","last_synced_at":"2025-10-18T19:26:50.539Z","repository":{"id":33668316,"uuid":"150084949","full_name":"processone/pkix","owner":"processone","description":"PKIX certificates management for Erlang","archived":false,"fork":false,"pushed_at":"2024-06-27T09:57:48.000Z","size":710,"stargazers_count":11,"open_issues_count":0,"forks_count":7,"subscribers_count":12,"default_branch":"master","last_synced_at":"2025-05-04T00:34:37.540Z","etag":null,"topics":["certificates-validator","erlang","pkix"],"latest_commit_sha":null,"homepage":"","language":"Erlang","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/processone.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-09-24T10:14:33.000Z","updated_at":"2024-06-27T09:57:47.000Z","dependencies_parsed_at":"2024-05-23T09:25:47.332Z","dependency_job_id":"f2fe82ed-5f29-4a1c-abc6-8e4eb00b7722","html_url":"https://github.com/processone/pkix","commit_stats":{"total_commits":74,"total_committers":8,"mean_commits":9.25,"dds":0.5135135135135135,"last_synced_commit":"9655992dc39e91fc8f5e237eea95d74ec9c01891"},"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"purl":"pkg:github/processone/pkix","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/processone%2Fpkix","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/processone%2Fpkix/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/processone%2Fpkix/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/processone%2Fpkix/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/processone","download_url":"https://codeload.github.com/processone/pkix/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/processone%2Fpkix/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":259957280,"owners_count":22937549,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["certificates-validator","erlang","pkix"],"created_at":"2025-06-15T10:09:17.109Z","updated_at":"2025-10-18T19:26:45.501Z","avatar_url":"https://github.com/processone.png","language":"Erlang","readme":"PKIX certificates management library for Erlang\n===============================================\n\n[![CI](https://github.com/processone/pkix/actions/workflows/ci.yml/badge.svg?branch=master)](https://github.com/processone/pkix/actions/workflows/ci.yml)\n[![Coverage Status](https://coveralls.io/repos/processone/pkix/badge.svg?branch=master\u0026service=github)](https://coveralls.io/github/processone/pkix?branch=master)\n[![Hex version](https://img.shields.io/hexpm/v/pkix.svg \"Hex version\")](https://hex.pm/packages/pkix)\n\nThe idea of the library is to simplify certificates configuration in Erlang programs.\nTypically an Erlang program which needs certificates (for HTTPS/MQTT/XMPP/etc)\nprovides a bunch of options such as `certfile`, `chainfile`, `privkey`, etc.\nThe situation becomes even more complicated when a server supports so called `virtual domains`\nbecause a program is typically required to match a virtual domain with its certificate.\nIf a user has plenty of virtual domains (stored somewhere in `/etc/letsencrypt/live/*/*.pem`)\nit's quickly becoming a nightmare for them to configure all this. The complexity also leads to\nerrors: a single configuration mistake and a program generates obscure log messages,\nunreadable Erlang tracebacks or, even worse, just silently ignores the errors. Fortunately,\nthe large part of certificates configuration can be automated, reducing a user configuration\nto something as simple as:\n```yaml\ncertfiles:\n  - /etc/letsencrypt/live/*/*.pem\n```\nThe purpose of the library is to do this dirty job under the hood.\n\n# System requirements\n\nTo compile the library you need:\n\n - Erlang/OTP ≥ 19.0\n - GNU Make. Optional: for running tests or standalone compilation.\n\n# Compiling\n\nSince this is an embedded library, you need to add https://github.com/processone/pkix.git\nrepo to your rebar configuration or what have you.\n\n# Usage\n\nStart the library as a regular Erlang application:\n```erl\n\u003e application:ensure_all_started(pkix).\n```\nor use `pkix:start()` which does the same.\n\nLet's say you have two certificates: `cert1.pem` for `domain1` and `cert2.pem`\nfor `domain2` with their private keys `key1.pem` and `key2.pem` and\nan intermediate CA certificate `ca-intermediate.pem`. Then the flow is the following:\n- Add all your PEM files to the \"staged\" area (the order doesn't matter):\n```erl\n\u003e pkix:add_file(\"cert1.pem\").\n\u003e pkix:add_file(\"cert2.pem\").\n\u003e pkix:add_file(\"key1.pem\").\n\u003e pkix:add_file(\"key2.pem\").\n\u003e pkix:add_file(\"ca-intermediate.pem\").\n```\n- Commit the changes to some directory, let's say, `\"/tmp/certs\"`:\n```erl\n\u003e pkix:commit(\"/tmp/certs\").\n```\nNow you're able to fetch a certificate file containing full chain and the\nprivate key for domain `domain1` or `domain2`:\n```erl\n\u003e pkix:get_certfile(\u003c\u003c\"domain1\"\u003e\u003e).\n{\u003c\u003c\"/tmp/certs/7f9faada4a006091531cd37dafb70ca009630ac3\"\u003e\u003e,undefined,undefined}\n\u003e pkix:get_certfile(\u003c\u003c\"domain2\"\u003e\u003e).\n{undefined,\u003c\u003c\"/tmp/certs/018e601430ed447e4bb767b2d610c6258c7a4e43\"\u003e\u003e,undefined}\n```\nThe first element of the tuple is an EC certificate (presented in `cert1.pem`),\nthe second element is an RSA certificate (presented in `cert2.pem`) and the third element\nis a DSA certificate (missing in our example).\n\n# API\nTODO. Sorry, read the [source](https://github.com/processone/pkix/blob/master/src/pkix.erl) so far.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprocessone%2Fpkix","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fprocessone%2Fpkix","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fprocessone%2Fpkix/lists"}