Struct hyper_server::tls_rustls::RustlsConfig

pub struct RustlsConfig { /* private fields */ }

Available on crate feature tls-rustls only.

Represents the rustls configuration for the server.

Implementations

impl RustlsConfig

pub fn from_config(config: Arc<ServerConfig>) -> Self

Create a new RustlsConfig from an Arc<ServerConfig>.

Important: This method does not set ALPN protocols (like http/1.1 or h2) automatically. ALPN protocols need to be set manually when using this method.

pub async fn from_der(cert: Vec<Vec<u8>>, key: Vec<u8>) -> Result<Self>

Create a RustlsConfig from DER-encoded data. DER is a binary format for encoding data, commonly used for certificates and keys.

cert is expected to be a DER-encoded X.509 certificate. key is expected to be a DER-encoded ASN.1 format private key, either in PKCS#8 or PKCS#1 format.

pub async fn from_pem(cert: Vec<u8>, key: Vec<u8>) -> Result<Self>

Create a RustlsConfig from PEM-formatted data. PEM is a text-based format used to encode binary data like certificates and keys.

Both cert and key must be provided in PEM format.

pub async fn from_pem_file( cert: impl AsRef<Path>, key: impl AsRef<Path> ) -> Result<Self>

Create a RustlsConfig by reading PEM-formatted files.

The contents of the provided certificate and private key files must be in PEM format.

Examples found in repository

examples/rustls_server.rs (lines 13-16)

async fn main() {
    let app = Router::new().route("/", get(|| async { "Hello, world!" }));

    let config = RustlsConfig::from_pem_file(
        "examples/self-signed-certs/cert.pem",
        "examples/self-signed-certs/key.pem",
    )
    .await
    .unwrap();

    let addr = SocketAddr::from(([127, 0, 0, 1], 3000));
    println!("listening on {}", addr);
    hyper_server::bind_rustls(addr, config)
        .serve(app.into_make_service())
        .await
        .unwrap();
}

examples/http_and_https.rs (lines 39-42)

async fn https_server() {
    let app = Router::new().route("/", get(|| async { "Hello, world!" }));

    let config = RustlsConfig::from_pem_file(
        "examples/self-signed-certs/cert.pem",
        "examples/self-signed-certs/key.pem",
    )
    .await
    .unwrap();

    let addr = SocketAddr::from(([127, 0, 0, 1], 3443));
    println!("https listening on {}", addr);
    hyper_server::bind_rustls(addr, config)
        .serve(app.into_make_service())
        .await
        .unwrap();
}

examples/rustls_session.rs (lines 20-23)

async fn main() {
    let app = Router::new().route("/", get(handler));

    let config = RustlsConfig::from_pem_file(
        "examples/self-signed-certs/cert.pem",
        "examples/self-signed-certs/key.pem",
    )
    .await
    .unwrap();

    let addr = SocketAddr::from(([127, 0, 0, 1], 3000));

    println!("listening on {}", addr);

    let acceptor = CustomAcceptor::new(RustlsAcceptor::new(config));
    let server = hyper_server::bind(addr).acceptor(acceptor);

    server.serve(app.into_make_service()).await.unwrap();
}

examples/from_std_listener_rustls.rs (lines 14-17)

async fn main() {
    let app = Router::new().route("/", get(|| async { "Hello, world!" }));

    let config = RustlsConfig::from_pem_file(
        "examples/self-signed-certs/cert.pem",
        "examples/self-signed-certs/key.pem",
    )
    .await
    .unwrap();

    let addr = SocketAddr::from(([127, 0, 0, 1], 3000));
    let listener = TcpListener::bind(addr).unwrap();
    println!("listening on {}", addr);
    hyper_server::from_tcp_rustls(listener, config)
        .serve(app.into_make_service())
        .await
        .unwrap();
}

examples/rustls_reload.rs (lines 18-21)

async fn main() {
    let app = Router::new().route("/", get(|| async { "Hello, world!" }));

    let config = RustlsConfig::from_pem_file(
        "examples/self-signed-certs/cert.pem",
        "examples/self-signed-certs/key.pem",
    )
    .await
    .unwrap();

    // Spawn a task to reload tls.
    tokio::spawn(reload(config.clone()));

    let addr = SocketAddr::from(([127, 0, 0, 1], 3000));
    println!("listening on {}", addr);
    hyper_server::bind_rustls(addr, config)
        .serve(app.into_make_service())
        .await
        .unwrap();
}

pub fn get_inner(&self) -> Arc<ServerConfig>

Retrieve the inner Arc<ServerConfig> from the RustlsConfig.

pub fn reload_from_config(&self, config: Arc<ServerConfig>)

Update (or reload) the RustlsConfig with a new Arc<ServerConfig>.

pub async fn reload_from_der( &self, cert: Vec<Vec<u8>>, key: Vec<u8> ) -> Result<()>

Reload the RustlsConfig from provided DER-encoded data.

As with the from_der method, cert must be DER-encoded X.509 and key should be in either PKCS#8 or PKCS#1 DER-encoded ASN.1 format.

pub async fn reload_from_pem(&self, cert: Vec<u8>, key: Vec<u8>) -> Result<()>

Reload the RustlsConfig using provided PEM-formatted data.

pub async fn reload_from_pem_file( &self, cert: impl AsRef<Path>, key: impl AsRef<Path> ) -> Result<()>

Reload the RustlsConfig from provided PEM-formatted files.

Examples found in repository

examples/rustls_reload.rs (lines 44-47)

async fn reload(config: RustlsConfig) {
    // Wait for 20 seconds.
    sleep(Duration::from_secs(20)).await;

    println!("reloading rustls configuration");

    // Reload rustls configuration from new files.
    config
        .reload_from_pem_file(
            "examples/self-signed-certs/reload/cert.pem",
            "examples/self-signed-certs/reload/key.pem",
        )
        .await
        .unwrap();

    println!("rustls configuration reloaded");
}

Trait Implementations

impl Clone for RustlsConfig

fn clone(&self) -> RustlsConfig

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for RustlsConfig

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.