package castore

  1. Overview
  2. Docs
A portable CA Store with a global .crt and .pem files

Install

Dune Dependency

github.com Readme Changelog MIT License Edit opam file Versions (2)

Authors

  1. L
    Leandro Ostera <leandro@abstractmachines.dev>

Maintainers

  1. L
    Leandro Ostera <leandro@abstractmachines.dev>

Sources

castore-0.0.2.tbz
sha256=8d1d399085f733b6b822a8bc059bae6d72459377cbfce4d1a6c8bb1001258b3e
sha512=2c92e6e1ed62dcd872f3ec48d247e987e81d6b39600e6901e2300410dc7df8a0395d8c7d8ad803f5733f1333ae61299d30cb42bdad3ec86910dc651013ec1ddc

Description

Tags

https tls cert crt pem ca ca store

Published: 27 Dec 2023

README

CAStore 🦫

A portable pure OCaml CA Store, with no dependencies, inspired by Elixir's :castore.

Getting Started

First, install castore in your switch:

# latest published version
opam install castore

# latest development version
opam pin castore git+https://github.com/leostera/castore

Now we can add it to your dune project dependencies:

(package
 ;...
 (depends
   (castore (>= "0.0.0"))
   ;...)
 ;...)

And to your dune stanzas:

(executable
  (name my_app)
  (libraries castore))

And finally we can use it by decoding the certificates, and building a chain of trust we can build our Tls config with.

Here's an example of how to do it:

let decode_pem ca =
  let ca = Cstruct.of_string ca in
  let cert = X509.Certificate.decode_pem ca in
  Result.get_ok cert
in
let cas = List.map decode_pem Ca_store.certificates in
let authenticator = X509.Authenticator.chain_of_trust ~time cas in
(* ... *)

Acknowledgements

This project would not be possible without ocaml-tls and ca-certs, in fact, we use ca-certs to generate the Ca_store.cas with code taken from the implementation of ca-certs.

Dependencies (2)

  1. dune >= "3.11"
  2. ocaml >= "5.1"

Dev Dependencies (3)

  1. odoc with-doc
  2. mdx with-test & < "2.4"
  3. x509 with-test

Used by (1)

  1. riot >= "0.0.8"

Conflicts

None