Struct RustlsConfig

Source

pub struct RustlsConfig { /* private fields */ }

Available on crate feature tls-rustls only.

Expand description

Rustls configuration.

Implementations§

Source §

impl RustlsConfig

Source

pub fn from_config(config: Arc<ServerConfig>) -> Self

Create config from Arc<ServerConfig>.

NOTE: You need to set ALPN protocols (like http/1.1 or h2) manually.

Source

pub async fn from_der(cert: Vec<Vec<u8>>, key: Vec<u8>) -> Result<Self>

Create config from DER-encoded data.

The certificate must be DER-encoded X.509.

The private key must be DER-encoded ASN.1 in either PKCS#8 or PKCS#1 format.

Source

pub async fn from_pem(cert: Vec<u8>, key: Vec<u8>) -> Result<Self>

Create config from PEM formatted data.

Certificate and private key must be in PEM format.

Source

pub async fn from_pem_file( cert: impl AsRef<Path>, key: impl AsRef<Path>, ) -> Result<Self>

Create config from PEM formatted files.

Contents of certificate file and private key file must be in PEM format.

Examples found in repository ?

examples/rustls_server.rs (lines 13-16)

10async fn main() {
11    let app = Router::new().route("/", get(|| async { "Hello, world!" }));
12
13    let config = RustlsConfig::from_pem_file(
14        "examples/self-signed-certs/cert.pem",
15        "examples/self-signed-certs/key.pem",
16    )
17    .await
18    .unwrap();
19
20    let addr = SocketAddr::from(([127, 0, 0, 1], 3000));
21    println!("listening on {}", addr);
22    axum_server::tls_rustls::bind_rustls(addr, config)
23        .serve(app.into_make_service())
24        .await
25        .unwrap();
26}

More examples

Hide additional examples

examples/http_and_https.rs (lines 39-42)

36async fn https_server() {
37    let app = Router::new().route("/", get(|| async { "Hello, world!" }));
38
39    let config = RustlsConfig::from_pem_file(
40        "examples/self-signed-certs/cert.pem",
41        "examples/self-signed-certs/key.pem",
42    )
43    .await
44    .unwrap();
45
46    let addr = SocketAddr::from(([127, 0, 0, 1], 3443));
47    println!("https listening on {}", addr);
48    axum_server::bind_rustls(addr, config)
49        .serve(app.into_make_service())
50        .await
51        .unwrap();
52}

examples/rustls_session.rs (lines 20-23)

17async fn main() {
18    let app = Router::new().route("/", get(handler));
19
20    let config = RustlsConfig::from_pem_file(
21        "examples/self-signed-certs/cert.pem",
22        "examples/self-signed-certs/key.pem",
23    )
24    .await
25    .unwrap();
26
27    let addr = SocketAddr::from(([127, 0, 0, 1], 3000));
28
29    println!("listening on {}", addr);
30
31    let acceptor = CustomAcceptor::new(RustlsAcceptor::new(config));
32    let server = axum_server::bind(addr).acceptor(acceptor);
33
34    server.serve(app.into_make_service()).await.unwrap();
35}

examples/from_std_listener_rustls.rs (lines 14-17)

11async fn main() {
12    let app = Router::new().route("/", get(|| async { "Hello, world!" }));
13
14    let config = RustlsConfig::from_pem_file(
15        "examples/self-signed-certs/cert.pem",
16        "examples/self-signed-certs/key.pem",
17    )
18    .await
19    .unwrap();
20
21    let addr = SocketAddr::from(([127, 0, 0, 1], 3000));
22    let listener = TcpListener::bind(addr).unwrap();
23    println!("listening on {}", addr);
24    axum_server::from_tcp_rustls(listener, config)
25        .serve(app.into_make_service())
26        .await
27        .unwrap();
28}

examples/rustls_reload.rs (lines 18-21)

15async fn main() {
16    let app = Router::new().route("/", get(|| async { "Hello, world!" }));
17
18    let config = RustlsConfig::from_pem_file(
19        "examples/self-signed-certs/cert.pem",
20        "examples/self-signed-certs/key.pem",
21    )
22    .await
23    .unwrap();
24
25    // Spawn a task to reload tls.
26    tokio::spawn(reload(config.clone()));
27
28    let addr = SocketAddr::from(([127, 0, 0, 1], 3000));
29    println!("listening on {}", addr);
30    axum_server::bind_rustls(addr, config)
31        .serve(app.into_make_service())
32        .await
33        .unwrap();
34}

Source

pub fn get_inner(&self) -> Arc<ServerConfig>

Get inner Arc<ServerConfig>.

Source

pub fn reload_from_config(&self, config: Arc<ServerConfig>)

Reload config from Arc<ServerConfig>.

Source

pub async fn reload_from_der( &self, cert: Vec<Vec<u8>>, key: Vec<u8>, ) -> Result<()>

Reload config from DER-encoded data.

The certificate must be DER-encoded X.509.

The private key must be DER-encoded ASN.1 in either PKCS#8 or PKCS#1 format.

Source

pub async fn from_pem_chain_file( chain: impl AsRef<Path>, key: impl AsRef<Path>, ) -> Result<Self>

This helper will establish a TLS server based on strong cipher suites from a PEM-formatted certificate chain and key.

Source

pub async fn reload_from_pem(&self, cert: Vec<u8>, key: Vec<u8>) -> Result<()>

Reload config from PEM formatted data.

Certificate and private key must be in PEM format.

Source

pub async fn reload_from_pem_file( &self, cert: impl AsRef<Path>, key: impl AsRef<Path>, ) -> Result<()>

Reload config from PEM formatted files.

Contents of certificate file and private key file must be in PEM format.

Examples found in repository ?

examples/rustls_reload.rs (lines 44-47)

36async fn reload(config: RustlsConfig) {
37    // Wait for 20 seconds.
38    sleep(Duration::from_secs(20)).await;
39
40    println!("reloading rustls configuration");
41
42    // Reload rustls configuration from new files.
43    config
44        .reload_from_pem_file(
45            "examples/self-signed-certs/reload/cert.pem",
46            "examples/self-signed-certs/reload/key.pem",
47        )
48        .await
49        .unwrap();
50
51    println!("rustls configuration reloaded");
52}