The reason we chose Erlang for securing SSL connections
is simple — there was no heartbleed for Erlang SSL application yet!
Here you can find simple 200 LOC Certificate Authority Server
that is used to enroll server cerficates (for SYNRC applications)
and client certificates (for securing device connections).
SYNRC CA supports all Erlang package managers: mix, mad, rebar3, rebar, erlang.mk.
You can either use you own instance or SYNRC CA instance.
Here is how to obtain the SYNRC root certificate:
It can be stored in cert/ecc/caroot.pem with the following command:
ISSUE SERVER CERT
For securing your N2O application just issue server certificate
with your [unique] application name and specify the path to keys as a cowboy's variables.
Here is example which you should include as a startup for ranch/cowboy server:
ISSUE CLIENT CERT
Here is an example how to obtain end-user certificate that should be installed
manually at the device:
Here is e.g. how to secure MQTT IoT connection with ECC cryptography.
First install XIO server and protect
is with server cerficate (as described above).
And then use emqtt client and your personal client certificate: