pub trait ResolvesClientCert: Send + Sync {
    // Required methods
    fn resolve(
        &self,
        acceptable_issuers: &[&[u8]],
        sigschemes: &[SignatureScheme]
    ) -> Option<Arc<CertifiedKey>>;
    fn has_certs(&self) -> bool;
}
Expand description

A trait for the ability to choose a certificate chain and private key for the purposes of client authentication.

Required Methods§

source

fn resolve( &self, acceptable_issuers: &[&[u8]], sigschemes: &[SignatureScheme] ) -> Option<Arc<CertifiedKey>>

With the server-supplied acceptable issuers in acceptable_issuers, the server’s supported signature schemes in sigschemes, return a certificate chain and signing key to authenticate.

acceptable_issuers is undecoded and unverified by the rustls library, but it should be expected to contain a DER encodings of X501 NAMEs.

Return None to continue the handshake without any client authentication. The server may reject the handshake later if it requires authentication.

source

fn has_certs(&self) -> bool

Return true if any certificates at all are available.

Implementors§