warp-tls

HTTP over TLS support for Warp via the TLS package

Version on this page:	3.3.2
LTS Haskell 22.39:	3.4.7
Stackage Nightly 2024-10-31:	3.4.7
Latest on Hackage:	3.4.7

See all snapshots warp-tls appears in

MIT licensed by Michael Snoyman

Maintained by [email protected]

This version can be pinned in stack with:warp-tls-3.3.2@sha256:6dcedd709889833679f42ea22560a419f8f808be2048a23c8e10511920630251,1796

Module documentation for 3.3.2

Network
- Network.Wai
  - Network.Wai.Handler
    - Network.Wai.Handler.WarpTLS
      - Network.Wai.Handler.WarpTLS.Internal

Depends on 11 packages(full list with versions):

base, bytestring, cryptonite, data-default-class, network, streaming-commons, tls, tls-session-manager, unliftio, wai, warp

Used by 6 packages in nightly-2022-02-14(full list with versions):

hoogle, tmp-proc, wai-cli, wai-enforce-https, warp-tls-uid, yesod-bin

warp-tls

Serve WAI applications using the Warp webserver and the Haskell TLS library.

In order to generate a self-signed certificate for testing, try the following:

openssl genrsa -out key.pem 2048
openssl req -new -key key.pem -out certificate.csr
openssl x509 -req -in certificate.csr -signkey key.pem -out certificate.pem

Changes

3.3.2

Providing the Internal module. #841

3.3.1

Move exception handling over to unliftio for better async exception support #845
Cleanly close connection when client closes connection prematurely #844

3.3.0

Breaking changes: certFile and keyFile are not exported anymore.
Allow TLS credentials to be retrieved from an IORef. #806

3.2.12

A config field: tlsCredentials and tlsSessionManager. #805

3.2.11

Ignoring an exception from shutdown (gracefulClose).

3.2.10

Passing client certificate, if any, to Warp #783

3.2.9

Cooperating setGracefulCloseTimeout1 and setGracefulCloseTimeout2 of Warp. #782

3.2.8

Using gracefullClose of network 3.1.1 or later if available.

3.2.7

Relaxing version constraint.

3.2.6

Using the Strict and StrictData language extensions for GHC >8. #752

3.2.5

When tls 1.5.0 is available, TLS 1.3 is automatically supported.

3.2.4.3

Using warp >= 3.2.17.

3.2.4.2

Ignore socket errors while sending close_notify #640

3.2.4

Using tls-session-manager.

3.2.3

Stop using obsoleted APIs of network.

3.2.2

New settting parameter: tlsServerDHEParams #556
Preventing socket leakage #559

3.2.1

Removing dependency to cprng-aes.

3.2.0

Major version up due to breaking changes.
runHTTP2TLS and runHTTP2TLSSocket were removed.

3.1.4

Add an option to disable HTTP2 #450

3.1.3

Removing SHA 512 and SHA 384 from supportedCiphers to rescue Safari and golang. #429

3.1.2

Getting Rating A from the SSL Server Test

3.1.1

Converting “send: resource vanished (Broken pipe)” to ConnectionClosedByPeer. #421

3.1.0

Supporting HTTP/2 #399
Removing RC4 #400

3.0.4.2

tls 1.3 support #390

3.0.4.1

Fix for leaked FDs #378

3.0.4

Replace acceptSafe with accept, see #361

3.0.3

Support chain certs #349

3.0.2

Allow warp-tls to request client certificates. #337

3.0.1.4

Add additional Diffie-Hellman RSA and DSA ciphers to warp-tls.

3.0.1.3

Unable to allow insecure connections with warp-tls #324

3.0.1.2

Make sure Timer is tickled in sendfile. #323

3.0.1

Support for in-memory certificates and keys