ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "64: OTP Certificate Woes with Bram Verburg"
Episode Synopsis
We talk with Bram Verburg about an important root certificate expiring at the end of September and how this impacts your Elixir and Erlang projects! Bram helps explain where this IS and IS NOT a problem. He also explains the different update options available. We also get Bram’s security perspectives from his years of focused study and contributions in the Elixir and Erlang communities. A great resource for understanding the current certificate situation and for protecting your Elixir projects!
Show Notes online - http://podcast.thinkingelixir.com/64 (http://podcast.thinkingelixir.com/64)
Elixir Community News
- https://github.com/elixir-nx/explorer (https://github.com/elixir-nx/explorer) – New Elixir-Nx project called Explorer released
- Explorer summarized with "When combined with other Nx libraries, Explorer is like a super-powerful spreadsheet"
- https://twitter.com/cigrainger/status/1433934973682139139 (https://twitter.com/cigrainger/status/1433934973682139139) – Twitter announcement of Explorer
- https://github.com/hauleth/mix_unused (https://github.com/hauleth/mix_unused) – mix_unused is a compiler tracer for detecting unused public functions.
- https://hexdocs.pm/prom_ex/readme.html (https://hexdocs.pm/prom_ex/readme.html) – PromEx sees a new 1.4.x release
- https://github.com/erlang/rebar3/releases/tag/3.17.0 (https://github.com/erlang/rebar3/releases/tag/3.17.0) – Rebar had a new release 3.17.0
- https://github.com/woylie/ectonestedchangeset (https://github.com/woylie/ecto_nested_changeset) – Ecto Nested Changeset project
- https://github.com/elixir-ecto/ecto/pull/3731 (https://github.com/elixir-ecto/ecto/pull/3731) – Discussion that lead to pulling out as a separate library
Do you have some Elixir news to share? Tell us at @ThinkingElixir (https://twitter.com/ThinkingElixir) or email at [email protected] (mailto:[email protected])
Discussion Resources
- https://blog.voltone.net/post/29 (https://blog.voltone.net/post/29) – Initial post describing the problem
- https://blog.voltone.net/post/30 (https://blog.voltone.net/post/30) – Updates and mitigation recommendations
- https://www.youtube.com/watch?v=0jzcPnsE4nQ (https://www.youtube.com/watch?v=0jzcPnsE4nQ) – Learn you some 'ssl' for much security! - ElixirConfEU 2019
- https://erlef.github.io/security-wg/securecodinganddeploymenthardening/inets (https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/inets)
- https://blog.voltone.net/post/27 (https://blog.voltone.net/post/27) – CVE-2020-35733 discovered in December
- https://blog.voltone.net/post/28 (https://blog.voltone.net/post/28)
- https://www.youtube.com/watch?v=r0DuAse9tK8 (https://www.youtube.com/watch?v=r0DuAse9tK8)
- https://pragprog.com/titles/jaerlang2/programming-erlang-2nd-edition/ (https://pragprog.com/titles/jaerlang2/programming-erlang-2nd-edition/)
- OTP 24.0.4 and later is good
- OTP 23.3.4.6 and later is good
- https://github.com/dlesl/erqwest (https://github.com/dlesl/erqwest)
- https://hex.pm/packages/mint (https://hex.pm/packages/mint)
- https://xkcd.com/927/ (https://xkcd.com/927/) – The referenced XKCD comic
- https://arstechnica.com/gadgets/2020/12/lets-encrypt-comes-up-with-workaround-for-abandonware-android-devices/ (https://arstechnica.com/gadgets/2020/12/lets-encrypt-comes-up-with-workaround-for-abandonware-android-devices/)
- https://github.com/elixir-mint/mint/pull/328 (https://github.com/elixir-mint/mint/pull/328)
- https://blog.voltone.net/post/28 (https://blog.voltone.net/post/28)
- https://blog.voltone.net/post/27 (https://blog.voltone.net/post/27)
- https://en.wikipedia.org/wiki/Heartbleed (https://en.wikipedia.org/wiki/Heartbleed)
- https://istio.io/ (https://istio.io/)
- https://hex.pm/packages/hackney (https://hex.pm/packages/hackney)
- https://hex.pm/packages/finch (https://hex.pm/packages/finch)
- https://blog.voltone.net/ (https://blog.voltone.net/)
Guest Information
- https://twitter.com/voltonez (https://twitter.com/voltonez) – on Twitter
- https://github.com/voltone/ (https://github.com/voltone/) – on Github
- https://blog.voltone.net/ (https://blog.voltone.net/) – Blog
Find us online
- Message the show - @ThinkingElixir (https://twitter.com/ThinkingElixir)
- Email the show - [email protected] (mailto:[email protected])
- Mark Ericksen - @brainlid (https://twitter.com/brainlid)
- David Bernheisel - @bernheisel (https://twitter.com/bernheisel)
- Cade Ward - @cadebward (https://twitter.com/cadebward)
Show Notes online - http://podcast.thinkingelixir.com/64 (http://podcast.thinkingelixir.com/64)
Elixir Community News
- https://github.com/elixir-nx/explorer (https://github.com/elixir-nx/explorer) – New Elixir-Nx project called Explorer released
- Explorer summarized with "When combined with other Nx libraries, Explorer is like a super-powerful spreadsheet"
- https://twitter.com/cigrainger/status/1433934973682139139 (https://twitter.com/cigrainger/status/1433934973682139139) – Twitter announcement of Explorer
- https://github.com/hauleth/mix_unused (https://github.com/hauleth/mix_unused) – mix_unused is a compiler tracer for detecting unused public functions.
- https://hexdocs.pm/prom_ex/readme.html (https://hexdocs.pm/prom_ex/readme.html) – PromEx sees a new 1.4.x release
- https://github.com/erlang/rebar3/releases/tag/3.17.0 (https://github.com/erlang/rebar3/releases/tag/3.17.0) – Rebar had a new release 3.17.0
- https://github.com/woylie/ectonestedchangeset (https://github.com/woylie/ecto_nested_changeset) – Ecto Nested Changeset project
- https://github.com/elixir-ecto/ecto/pull/3731 (https://github.com/elixir-ecto/ecto/pull/3731) – Discussion that lead to pulling out as a separate library
Do you have some Elixir news to share? Tell us at @ThinkingElixir (https://twitter.com/ThinkingElixir) or email at [email protected] (mailto:[email protected])
Discussion Resources
- https://blog.voltone.net/post/29 (https://blog.voltone.net/post/29) – Initial post describing the problem
- https://blog.voltone.net/post/30 (https://blog.voltone.net/post/30) – Updates and mitigation recommendations
- https://www.youtube.com/watch?v=0jzcPnsE4nQ (https://www.youtube.com/watch?v=0jzcPnsE4nQ) – Learn you some 'ssl' for much security! - ElixirConfEU 2019
- https://erlef.github.io/security-wg/securecodinganddeploymenthardening/inets (https://erlef.github.io/security-wg/secure_coding_and_deployment_hardening/inets)
- https://blog.voltone.net/post/27 (https://blog.voltone.net/post/27) – CVE-2020-35733 discovered in December
- https://blog.voltone.net/post/28 (https://blog.voltone.net/post/28)
- https://www.youtube.com/watch?v=r0DuAse9tK8 (https://www.youtube.com/watch?v=r0DuAse9tK8)
- https://pragprog.com/titles/jaerlang2/programming-erlang-2nd-edition/ (https://pragprog.com/titles/jaerlang2/programming-erlang-2nd-edition/)
- OTP 24.0.4 and later is good
- OTP 23.3.4.6 and later is good
- https://github.com/dlesl/erqwest (https://github.com/dlesl/erqwest)
- https://hex.pm/packages/mint (https://hex.pm/packages/mint)
- https://xkcd.com/927/ (https://xkcd.com/927/) – The referenced XKCD comic
- https://arstechnica.com/gadgets/2020/12/lets-encrypt-comes-up-with-workaround-for-abandonware-android-devices/ (https://arstechnica.com/gadgets/2020/12/lets-encrypt-comes-up-with-workaround-for-abandonware-android-devices/)
- https://github.com/elixir-mint/mint/pull/328 (https://github.com/elixir-mint/mint/pull/328)
- https://blog.voltone.net/post/28 (https://blog.voltone.net/post/28)
- https://blog.voltone.net/post/27 (https://blog.voltone.net/post/27)
- https://en.wikipedia.org/wiki/Heartbleed (https://en.wikipedia.org/wiki/Heartbleed)
- https://istio.io/ (https://istio.io/)
- https://hex.pm/packages/hackney (https://hex.pm/packages/hackney)
- https://hex.pm/packages/finch (https://hex.pm/packages/finch)
- https://blog.voltone.net/ (https://blog.voltone.net/)
Guest Information
- https://twitter.com/voltonez (https://twitter.com/voltonez) – on Twitter
- https://github.com/voltone/ (https://github.com/voltone/) – on Github
- https://blog.voltone.net/ (https://blog.voltone.net/) – Blog
Find us online
- Message the show - @ThinkingElixir (https://twitter.com/ThinkingElixir)
- Email the show - [email protected] (mailto:[email protected])
- Mark Ericksen - @brainlid (https://twitter.com/brainlid)
- David Bernheisel - @bernheisel (https://twitter.com/bernheisel)
- Cade Ward - @cadebward (https://twitter.com/cadebward)
More episodes of the podcast Thinking Elixir Podcast
283: Erlang Turns 27 and React at Risk
16/12/2025
282: Type Systems and View Transitions
09/12/2025
281: Planning for the Unexpected
02/12/2025
280: Dark Matter Developers
25/11/2025
279: Hot Code Upgrades and Hotter AI Takes
18/11/2025
278: WAL-ing Through Database Changes
11/11/2025
277: Searching Across the Hexiverse
04/11/2025
276: Elixir v1.19 Types and Speed
28/10/2025
275: From Slop to Success?
21/10/2025
274: Protocols, Permissions, and Performance
14/10/2025
In God we trust