1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
|
= ranch_ssl(3)
== Name
ranch_ssl - SSL transport
== Description
The module `ranch_ssl` implements an SSL Ranch transport.
== Exports
The module `ranch_ssl` implements the interface defined
by link:man:ranch_transport(3)[ranch_transport(3)].
== Types
=== opt()
[source,erlang]
----
opt() :: ranch_tcp:opt() | ssl_opt()
----
Listen options.
The TCP options are defined in link:man:ranch_tcp(3)[ranch_tcp(3)].
=== opts()
[source,erlang]
----
opts() :: [opt()]
----
List of listen options.
=== ssl_opt()
[source,erlang]
----
ssl_opt() = {alpn_preferred_protocols, [binary()]}
| {beast_mitigation, one_n_minus_one | zero_n | disabled}
| {cacertfile, file:filename()}
| {cacerts, [public_key:der_encoded()]}
| {cert, public_key:der_encoded()}
| {certfile, file:filename()}
| {ciphers, ssl:ciphers()}
| {client_renegotiation, boolean()}
| {crl_cache, [any()]}
| {crl_check, boolean() | peer | best_effort}
| {depth, integer()}
| {dh, binary()}
| {dhfile, file:filename()}
| {eccs, [atom()]}
| {fail_if_no_peer_cert, boolean()}
| {handshake, hello | full}
| {hibernate_after, timeout()}
| {honor_cipher_order, boolean()}
| {honor_ecc_order, boolean()}
| {key, ssl:key()}
| {keyfile, file:filename()}
| {log_alert, boolean()}
| {log_level, logger:level()}
| {max_handshake_size, integer()}
| {next_protocols_advertised, [binary()]}
| {padding_check, boolean()}
| {partial_chain, fun()}
| {password, string()}
| {protocol, tls | dtls}
| {psk_identity, string()}
| {reuse_session, fun()}
| {reuse_sessions, boolean()}
| {secure_renegotiate, boolean()}
| {signature_algs, [{ssl:hash(), ssl:sign_algo()}]}
| {signature_algs_cert, [atom()]}
| {sni_fun, fun()}
| {sni_hosts, [{string(), ssl_opt()}]}
| {user_lookup_fun, {fun(), any()}}
| {verify, verify_none | verify_peer}
| {verify_fun, {fun(), any()}}
| {versions, [ssl:protocol_version()]}
----
SSL-specific listen options.
Specifying a certificate is mandatory, either through the `cert`
or `certfile` option, or by configuring SNI. None of the other
options are required.
The default value is given next to the option name:
alpn_preferred_protocols::
Perform Application-Layer Protocol Negotiation
with the given list of preferred protocols.
beast_mitigation (one_n_minus_one)::
Change the BEAST mitigation strategy for SSL-3.0 and TLS-1.0
to interoperate with legacy software.
cacertfile::
Path to PEM encoded trusted certificates file used to verify
peer certificates.
cacerts::
List of DER encoded trusted certificates.
cert::
DER encoded user certificate.
certfile::
Path to the PEM encoded user certificate file. May also
contain the private key.
ciphers::
List of ciphers that clients are allowed to use.
client_renegotiation (true)::
Whether to allow client-initiated renegotiation.
crl_cache ({ssl_crl_cache, {internal, []}})::
Customize the module used to cache Certificate Revocation Lists.
crl_check (false)::
Whether to perform CRL check on all certificates in the chain
during validation.
depth (1)::
Maximum of intermediate certificates allowed in the
certification path.
dh::
DER encoded Diffie-Hellman parameters.
dhfile::
Path to the PEM encoded Diffie-Hellman parameters file.
eccs::
List of named ECC curves.
fail_if_no_peer_cert (false)::
Whether to refuse the connection if the client sends an
empty certificate.
handshake (full)::
If `hello` is specified for this option, the handshake is
paused after receiving the client hello message. The handshake
can then be resumed via `handshake_continue/3`, or cancelled
via `handshake_cancel/1`.
+
This option cannot be given to `ranch:handshake/1,2`.
hibernate_after (undefined)::
Time in ms after which SSL socket processes go into
hibernation to reduce memory usage.
honor_cipher_order (false)::
If true, use the server's preference for cipher selection.
If false, use the client's preference.
honor_ecc_order (false)::
If true, use the server's preference for ECC curve selection.
If false, use the client's preference.
key::
DER encoded user private key.
keyfile::
Path to the PEM encoded private key file, if different from
the certfile.
log_alert (true)::
If false, error reports will not be displayed.
log_level::
Specifies the log level for TLS/DTLS.
max_handshake_size (256*1024)::
Used to limit the size of valid TLS handshake packets to
avoid DoS attacks.
next_protocols_advertised::
List of protocols to send to the client if it supports the
Next Protocol extension.
padding_check::
Allow disabling the block cipher padding check for TLS-1.0
to be able to interoperate with legacy software.
partial_chain::
Claim an intermediate CA in the chain as trusted.
password::
Password to the private key file, if password protected.
protocol (tls)::
Choose TLS or DTLS protocol for the transport layer security.
psk_identity::
Provide the given PSK identity hint to the client during the
handshake.
reuse_session::
Custom policy to decide whether a session should be reused.
reuse_sessions (false)::
Whether to allow session reuse.
secure_renegotiate (false)::
Whether to reject renegotiation attempts that do not conform
to RFC5746.
signature_algs::
The TLS signature algorithm extension may be used, from TLS 1.2,
to negotiate which signature algorithm to use during the TLS
handshake.
signature_algs_cert::
List of signature schemes for the signature_algs_cert extension
introduced in TLS 1.3, in order to make special requirements
on signatures used in certificates.
sni_fun::
Function called when the client requests a host using Server
Name Indication. Returns options to apply.
sni_hosts::
Options to apply for the host that matches what the client
requested with Server Name Indication.
user_lookup_fun::
Function called to determine the shared secret when using PSK,
or provide parameters when using SRP.
verify (verify_none)::
Use `verify_peer` to request a certificate from the client.
verify_fun::
Custom policy to decide whether a client certificate is valid.
versions::
TLS protocol versions that will be supported.
Note that the client will not send a certificate unless the
value for the `verify` option is set to `verify_peer`. This
means that `fail_if_no_peer_cert` only applies when combined
with the `verify` option. The `verify_fun` option allows
greater control over the client certificate validation.
The options `sni_fun` and `sni_hosts` are mutually exclusive.
== Changelog
* *2.0*: The `ssl_opt()` type was updated for OTP-22.0.
== See also
link:man:ranch(7)[ranch(7)],
link:man:ranch_transport(3)[ranch_transport(3)],
link:man:ranch_tcp(3)[ranch_tcp(3)],
ssl(3)
|