Skip to content

Commit

Permalink
Allow setting certificates via application config
Browse files Browse the repository at this point in the history
  • Loading branch information
@josevalim
josevalim committed Oct 14, 2024
1 parent f7ddb9c commit 7be20e2
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 2 deletions.
10 changes: 9 additions & 1 deletion lib/public_key/src/pubkey_os_cacerts.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,15 @@
get() ->
case persistent_term:get(?MODULE, not_loaded) of
not_loaded ->
case load() of
_ = application:load(public_key),

Result =
case application:get_env(public_key, cacerts_path) of
{ok, EnvVar} -> load([EnvVar]);
undefined -> load()
end,

case Result of
ok ->
persistent_term:get(?MODULE);
{error, Reason} ->
Expand Down
12 changes: 11 additions & 1 deletion lib/public_key/src/public_key.erl
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2238,7 +2238,17 @@ cacerts_get() ->
%%--------------------------------------------------------------------
-doc(#{title => <<"Certificate API">>,
since => <<"OTP 25.0">>}).
-doc "Loads the OS supplied trusted CA certificates.".
-doc """
Loads the OS supplied trusted CA certificates.
This can be overridden by setting the `cacerts_path`
environment key of the `public_key` application with
the location of an alternative OS supplied certificate.
You can set it via the command line as:
erl -public_key cacerts_path '"/path/to/my/certs"'
""".

-spec cacerts_load() -> ok | {error, Reason::term()}.
%%--------------------------------------------------------------------
Expand Down

0 comments on commit 7be20e2

Please sign in to comment.