TLS configuration helpers for MLLP connections.
Provides convenience functions for building :ssl option lists
suitable for server-side TLS, client-side TLS, and mutual TLS (mTLS).
Server-side TLS
tls_opts = HL7v2.MLLP.TLS.server_options(
certfile: "server.pem",
keyfile: "server-key.pem"
)
{:ok, _} = HL7v2.MLLP.Listener.start_link(port: 2576, handler: MyHandler, tls: tls_opts)Mutual TLS
tls_opts = HL7v2.MLLP.TLS.mutual_tls_options(
certfile: "server.pem",
keyfile: "server-key.pem",
cacertfile: "ca.pem"
)Summary
Functions
Builds SSL options for client-side TLS.
Builds SSL options for mutual TLS (mTLS).
Builds SSL options for server-side TLS.
Functions
Builds SSL options for client-side TLS.
Optional options
:cacertfile— path to the CA certificate PEM file:verify— verification mode (default::verify_peer):versions— TLS versions (default:[:"tlsv1.2", :"tlsv1.3"])- Any additional
:ssloptions are passed through.
Builds SSL options for mutual TLS (mTLS).
Both the server and client present certificates. This is the recommended configuration for production MLLP endpoints.
Required options
:certfile— path to the certificate PEM file:keyfile— path to the private key PEM file:cacertfile— path to the CA certificate PEM file
Optional options
:verify— verification mode (default::verify_peer):fail_if_no_peer_cert— reject clients without a certificate (default:true, server-side only):versions— TLS versions (default:[:"tlsv1.2", :"tlsv1.3"])- Any additional
:ssloptions are passed through.
Builds SSL options for server-side TLS.
Required options
:certfile— path to the server certificate PEM file:keyfile— path to the server private key PEM file
Optional options
:cacertfile— path to the CA certificate PEM file:versions— TLS versions (default:[:"tlsv1.2", :"tlsv1.3"])- Any additional
:ssloptions are passed through.