Okay, issue filed: https://github.com/zotonic/zotonic_ssl/issues/11
Currently using Zotonic behind HAProxy, as there are some non-Zotonic sites and redirects that it handles, so it is also handling SSL termination. However, for some commercial Zotonic users, updating zotonic_ssl could be helpful, so I filed and issue... Seann On Tuesday, April 23, 2024 at 4:39:52 AM UTC-6 Marc Worrell wrote: > We are using the library: > > https://github.com/zotonic/zotonic_ssl > > For the SSL certificate inspection. > Could you file an issue there? > > If you want to use Let’s Encrypt with Zotonic 1.x (master), then you can > also just enable mod_ssl_letsencrypt. > It will handle requesting certificates and also extending them before they > expire. > > Cheers, > > Marc > > > > On 15 Mar 2024, at 10:41, 'Seann Aswell' via Zotonic developers < > [email protected]> wrote: > > Question about using the SSL CA module... > > I have been using Zotonic behind HAProxy, and would like to use it > directly, but there is an issue with newer certificates issued by Let's > Encrypt. > > According to the Erlang SSL man page > <https://www.erlang.org/doc/man/ssl.html>, it appears EC keys are now > supported. However, when placing all of the certs and keys into the > site/priv/security/ca directory, each time a connection to Zotonic is made > self-signed keys are generated, which seems to indicate Zotonic doesn't > like the EC keys. > > The *mod_ssl_ca <https://zotonic.com/docs/1753/mod_ssl_ca>* page suggests > that only PCKS#1 & 8 are supported, but it appears that Erlang now > supports EC keys. Is it possible Zotonic could support new EC keys? > > FYI: header for EC keys > -----BEGIN EC PRIVATE KEY----- > > > -- > > --- > You received this message because you are subscribed to the Google Groups > "Zotonic developers" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/zotonic-developers/d4f9206c-a24d-4b7c-801a-c1a9b452c40en%40googlegroups.com > > <https://groups.google.com/d/msgid/zotonic-developers/d4f9206c-a24d-4b7c-801a-c1a9b452c40en%40googlegroups.com?utm_medium=email&utm_source=footer> > . > > > -- --- You received this message because you are subscribed to the Google Groups "Zotonic developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/zotonic-developers/735294d7-802b-4cb8-8c18-e094ba817b67n%40googlegroups.com.
