Liking cljdoc? Tell your friends :D
Clojure only.

com.blockether.spel.ssl

Custom SSL/TLS certificate support for corporate proxy environments.

When spel install downloads the Playwright driver from cdn.playwright.dev, GraalVM native-image uses a TrustStore baked at build time. Corporate SSL-inspecting proxies use internal CAs not in that store, causing 'PKIX path building failed'.

This namespace provides a composite TrustManager that merges the built-in default CAs with user-provided certificates (PEM or JKS/PKCS12), so both public CDN certs and corporate certs are trusted.

Environment variables (checked in order): SPEL_CA_BUNDLE — PEM file with extra CA certs (merged with defaults) NODE_EXTRA_CA_CERTS — same as above, also respected by Node.js subprocess SPEL_TRUSTSTORE — JKS/PKCS12 truststore path (merged with defaults) SPEL_TRUSTSTORE_TYPE — truststore type (default: JKS) SPEL_TRUSTSTORE_PASSWORD — truststore password (default: empty)

Custom SSL/TLS certificate support for corporate proxy environments.

When `spel install` downloads the Playwright driver from cdn.playwright.dev,
GraalVM native-image uses a TrustStore baked at build time. Corporate
SSL-inspecting proxies use internal CAs not in that store, causing
'PKIX path building failed'.

This namespace provides a composite TrustManager that merges the built-in
default CAs with user-provided certificates (PEM or JKS/PKCS12), so both
public CDN certs and corporate certs are trusted.

Environment variables (checked in order):
  SPEL_CA_BUNDLE           — PEM file with extra CA certs (merged with defaults)
  NODE_EXTRA_CA_CERTS      — same as above, also respected by Node.js subprocess
  SPEL_TRUSTSTORE          — JKS/PKCS12 truststore path (merged with defaults)
  SPEL_TRUSTSTORE_TYPE     — truststore type (default: JKS)
  SPEL_TRUSTSTORE_PASSWORD — truststore password (default: empty)
raw docstring

custom-ssl-factoryclj

(custom-ssl-factory)

Returns a custom SSLSocketFactory that trusts both the default CAs and user-provided corporate CAs, or nil if no custom CA config is present.

Env var priority:

  1. SPEL_CA_BUNDLE — PEM file (fail hard if missing)
  2. SPEL_TRUSTSTORE — JKS/PKCS12 (fail hard if missing)
  3. NODE_EXTRA_CA_CERTS — PEM file (warn + skip if missing)
Returns a custom SSLSocketFactory that trusts both the default CAs and
user-provided corporate CAs, or nil if no custom CA config is present.

Env var priority:
  1. SPEL_CA_BUNDLE          — PEM file (fail hard if missing)
  2. SPEL_TRUSTSTORE         — JKS/PKCS12 (fail hard if missing)
  3. NODE_EXTRA_CA_CERTS     — PEM file (warn + skip if missing)
sourceraw docstring

cljdoc builds & hosts documentation for Clojure/Script libraries

Keyboard shortcuts
Ctrl+kJump to recent docs
Move to previous article
Move to next article
Ctrl+/Jump to the search field
Raise an issueBrowse cljdoc sourceChat on Slack
× close