{"metadata":{"image":[],"title":"","description":""},"api":{"url":"","auth":"never","results":{"codes":[]},"settings":"","params":[]},"next":{"description":"","pages":[]},"title":"SSL","type":"basic","slug":"configuration-for-ssl","excerpt":"","body":"To prepare an application to serve requests over SSL, we need to add a little bit of configuration and two environment variables. In order for SSL to actually work, we'll need a key file and certificate file from a certificate authority. The environment variables that we'll need are paths to those two files.\n\nThe configuration consists of a new `https:` key for our endpoint whose value is a keyword list of port, path to the key file, and path to the cert (pem) file. If we add the `otp_app:` key whose value is the name of our application, we can put the key and certificate files in the `priv` directory of our application, and Plug will look for them there. The values of our environment variables should then be relative paths.\n\nHere's an example configuration from `config/prod.exs`.\n\n```elixir\nuse Mix.Config\n\n. . .\nconfig :hello_phoenix, HelloPhoenix.Endpoint,\n  http: [port: {:system, \"PORT\"}],\n  url: [host: \"example.com\"],\n  cache_static_manifest: \"priv/static/manifest.json\",\n  https: [port: 443,\n          otp_app: :hello_phoenix,\n          keyfile: System.get_env(\"SOME_APP_SSL_KEY_PATH\"),\n          certfile: System.get_env(\"SOME_APP_SSL_CERT_PATH\")]\n\n```\n\nWithout the `otp_app:` key, we need to provide absolute paths to the files wherever they are on the filesystem in order for Plug to find them.\n\n```elixir\nPath.expand(\"../../../some/path/to/ssl/key.pem\", __DIR__)\n```","updates":["54a4fecdcf36a01d00b10aba"],"order":7,"isReference":false,"hidden":false,"sync_unique":"","link_url":"","link_external":false,"_id":"559218ad1da5250d001e9677","__v":0,"category":{"sync":{"isSync":false,"url":""},"pages":["559218ad1da5250d001e9675","559218ad1da5250d001e9676","559218ad1da5250d001e9677","559218ad1da5250d001e9678","559218ad1da5250d001e9679","559218ad1da5250d001e967a","559218ad1da5250d001e967b","559218ad1da5250d001e967c","559218ad1da5250d001e967d","55921ed65068e60d002ba044"],"title":"Bonus Guides","slug":"bonus-guides","order":4,"from_sync":false,"reference":false,"_id":"559218ad1da5250d001e9672","version":"559218ac1da5250d001e966f","__v":2,"createdAt":"2014-12-03T21:36:49.014Z","project":"54348ec95b10711400c6c445"},"createdAt":"2014-12-03T22:13:25.248Z","user":"5435e00ad7d8700800bbec51","githubsync":"","project":"54348ec95b10711400c6c445","version":{"version":"0.14.0","version_clean":"0.14.0","codename":"","is_stable":false,"is_beta":true,"is_hidden":false,"is_deprecated":false,"categories":["559218ad1da5250d001e9670","559218ad1da5250d001e9671","559218ad1da5250d001e9672","559218ad1da5250d001e9673","559218ad1da5250d001e9674"],"_id":"559218ac1da5250d001e966f","releaseDate":"2015-06-30T04:18:52.132Z","__v":1,"createdAt":"2015-06-30T04:18:52.132Z","forked_from":"5558c642eb56ae2f00f714fc","project":"54348ec95b10711400c6c445"}}
To prepare an application to serve requests over SSL, we need to add a little bit of configuration and two environment variables. In order for SSL to actually work, we'll need a key file and certificate file from a certificate authority. The environment variables that we'll need are paths to those two files. The configuration consists of a new `https:` key for our endpoint whose value is a keyword list of port, path to the key file, and path to the cert (pem) file. If we add the `otp_app:` key whose value is the name of our application, we can put the key and certificate files in the `priv` directory of our application, and Plug will look for them there. The values of our environment variables should then be relative paths. Here's an example configuration from `config/prod.exs`. ```elixir use Mix.Config . . . config :hello_phoenix, HelloPhoenix.Endpoint, http: [port: {:system, "PORT"}], url: [host: "example.com"], cache_static_manifest: "priv/static/manifest.json", https: [port: 443, otp_app: :hello_phoenix, keyfile: System.get_env("SOME_APP_SSL_KEY_PATH"), certfile: System.get_env("SOME_APP_SSL_CERT_PATH")] ``` Without the `otp_app:` key, we need to provide absolute paths to the files wherever they are on the filesystem in order for Plug to find them. ```elixir Path.expand("../../../some/path/to/ssl/key.pem", __DIR__) ```