core.certmanager

This core module handles TLS settings and certificates. Portmanager and mod_tls uses it to provide TLS.

create_context()

Creates a LuaSec TLS context. Takes a hostname, the mode ("client" or "server") and an arbitrary number of tables with TLS configuration settings, which are merged using util.sslconfig.

local context, err, config = certmanager.create_context("example.com", "server", config);
ssl.wrap(conn, ctx);

reload_ssl_config()

Reloads settings from the configuration. Called automatically after the configuration has been reloaded, so rarely needed.

find_cert()

Looks for certificate and private key files for a hostname using a few common patterns.

local conf = certmanager.find_cert("/etc/certs/example/", "example.com")
print(conf.certificate, conf.key)