KubeMQ.TLS (kubemq v1.0.1)

Copy Markdown View Source

TLS configuration for KubeMQ gRPC connections.

Maps keyword options to GRPC.Credential SSL options.

TLS (server authentication only)

{:ok, client} = KubeMQ.Client.start_link(
  address: "kubemq.example.com:50000",
  client_id: "my-app",
  tls: [cacertfile: "/path/to/ca.pem"]
)

mTLS (mutual authentication)

{:ok, client} = KubeMQ.Client.start_link(
  address: "kubemq.example.com:50000",
  client_id: "my-app",
  tls: [
    cacertfile: "/path/to/ca.pem",
    certfile: "/path/to/client.pem",
    keyfile: "/path/to/client-key.pem"
  ]
)

Summary

Types

tls_opts()

Functions

mtls?(tls_opts)

Returns true if the TLS config includes client certificates (mTLS).

to_credential(tls_opts)

Build a GRPC.Credential from TLS keyword options.

to_credential(tls_opts, hostname)
to_ssl_opts(tls_opts, hostname \\ nil)

Build SSL options from the TLS keyword list for GRPC.Credential.new/1.

Types

tls_opts()

@type tls_opts() :: [
  cacertfile: String.t(),
  certfile: String.t(),
  keyfile: String.t(),
  verify: :verify_peer | :verify_none
]

Functions

mtls?(tls_opts)

@spec mtls?(keyword() | nil) :: boolean()

Returns true if the TLS config includes client certificates (mTLS).

to_credential(tls_opts)

@spec to_credential(keyword()) :: GRPC.Credential.t() | nil

Build a GRPC.Credential from TLS keyword options.

Returns nil if tls_opts is nil (plaintext connection).

to_credential(tls_opts, hostname)

@spec to_credential(keyword() | nil, String.t() | nil) :: GRPC.Credential.t() | nil

to_ssl_opts(tls_opts, hostname \\ nil)

@spec to_ssl_opts(
  keyword(),
  String.t() | nil
) :: keyword()

Build SSL options from the TLS keyword list for GRPC.Credential.new/1.

Returns a keyword list suitable for :ssl.connect/3.