Safe Haskell	Safe-Inferred
Language	Haskell2010

Network.Wai.Handler.WarpTLS.Internal

Contents

Accessors

Synopsis

data CertSettings
- = CertFromFile !FilePath ![FilePath] !FilePath
- | CertFromMemory !ByteString ![ByteString] !ByteString
- | CertFromRef !(IORef ByteString) ![IORef ByteString] !(IORef ByteString)
data TLSSettings = TLSSettings {
- certSettings :: CertSettings
- onInsecure :: OnInsecure
- tlsLogging :: Logging
- tlsAllowedVersions :: [Version]
- tlsCiphers :: [Cipher]
- tlsWantClientCert :: Bool
- tlsServerHooks :: ServerHooks
- tlsServerDHEParams :: Maybe DHParams
- tlsSessionManagerConfig :: Maybe Config
- tlsCredentials :: Maybe Credentials
- tlsSessionManager :: Maybe SessionManager
- tlsSupportedHashSignatures :: [HashAndSignatureAlgorithm]
}
defaultTlsSettings :: TLSSettings
data OnInsecure
- = DenyInsecure ByteString
- | AllowInsecure
getCertSettings :: TLSSettings -> CertSettings

Documentation

data CertSettings Source #

Determines where to load the certificate, chain certificates, and key from.

Constructors

CertFromFile !FilePath ![FilePath] !FilePath
CertFromMemory !ByteString ![ByteString] !ByteString
CertFromRef !(IORef ByteString) ![IORef ByteString] !(IORef ByteString)

Instances

Instances details

Show CertSettings Source #
Instance details Defined in Network.Wai.Handler.WarpTLS.Internal Methods showsPrec :: Int -> CertSettings -> ShowS # show :: CertSettings -> String # showList :: [CertSettings] -> ShowS #

data TLSSettings Source #

Settings for WarpTLS.

Constructors

TLSSettings

Fields

certSettings :: CertSettings
Where are the certificate, chain certificates, and key loaded from?
```
>>> certSettings defaultTlsSettings
CertFromFile "certificate.pem" [] "key.pem"
```
Since: 3.3.0

onInsecure :: OnInsecure

Do we allow insecure connections with this server as well?

>>> onInsecure defaultTlsSettings
DenyInsecure "This server only accepts secure HTTPS connections."

Since 1.4.0

tlsLogging :: Logging
The level of logging to turn on.
Default: defaultLogging.
Since 1.4.0
tlsAllowedVersions :: [Version]
The TLS versions this server accepts.
Since 1.4.2
tlsCiphers :: [Cipher]
The TLS ciphers this server accepts.
Since 1.4.2
tlsWantClientCert :: Bool
Whether or not to demand a certificate from the client. If this is set to True, you must handle received certificates in a server hook or all connections will fail.
```
>>> tlsWantClientCert defaultTlsSettings
False
```
Since 3.0.2
tlsServerHooks :: ServerHooks
The server-side hooks called by the tls package, including actions to take when a client certificate is received. See the Network.TLS module for details.
Default: def
Since 3.0.2
tlsServerDHEParams :: Maybe DHParams
Configuration for ServerDHEParams more function lives in crypton package
Default: Nothing
Since 3.2.2
tlsSessionManagerConfig :: Maybe Config
Configuration for in-memory TLS session manager. If Nothing, noSessionManager is used. Otherwise, an in-memory TLS session manager is created according to Config.
Default: Nothing
Since 3.2.4
tlsCredentials :: Maybe Credentials
Specifying Credentials directly. If this value is specified, other fields such as certFile are ignored.
Since 3.2.12
tlsSessionManager :: Maybe SessionManager
Specifying SessionManager directly. If this value is specified, tlsSessionManagerConfig is ignored.
Since 3.2.12
tlsSupportedHashSignatures :: [HashAndSignatureAlgorithm]
Specifying supported hash/signature algorithms, ordered by decreasing priority. See the Network.TLS module for details
Since 3.3.3

defaultTlsSettings :: TLSSettings Source #

Default TLSSettings. Use this to create TLSSettings with the field record name (aka accessors).

data OnInsecure Source #

An action when a plain HTTP comes to HTTP over TLS/SSL port.

Constructors

DenyInsecure ByteString
AllowInsecure

Instances

Instances details

Show OnInsecure Source #
Instance details Defined in Network.Wai.Handler.WarpTLS.Internal Methods showsPrec :: Int -> OnInsecure -> ShowS # show :: OnInsecure -> String # showList :: [OnInsecure] -> ShowS #

Accessors

getCertSettings :: TLSSettings -> CertSettings Source #

Some programs need access to cert settings