#[non_exhaustive]pub enum TlsIdentity {
SelfSigned {
subject_alt_names: Vec<String>,
},
PemFiles {
cert: PathBuf,
key: PathBuf,
},
PemBytes {
cert: Vec<u8>,
key: Vec<u8>,
},
Pkcs12 {
der: Vec<u8>,
password: String,
},
}Expand description
Certificate and private key material that identifies this replication node.
§Backend compatibility
| Variant | tls-rustls | tls-native |
|---|---|---|
SelfSigned | ✓ | ✗ |
PemFiles | ✓ | ✗ |
PemBytes | ✓ | ✗ |
Pkcs12 | ✗ | ✓ |
For tls-native, create a PKCS #12 archive with:
openssl pkcs12 -export -out identity.p12 -inkey key.pem -in cert.pemVariants (Non-exhaustive)§
This enum is marked as non-exhaustive
Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.
SelfSigned
Generate a fresh self-signed certificate at runtime.
Supported by the tls-rustls backend only. Suitable for internal,
trusted replication networks where setting up a certificate authority
is undesirable.
Fields
PemFiles
Load certificate chain and private key from PEM files on disk.
Supported by the tls-rustls backend only.
Fields
PemBytes
Certificate chain and private key as in-memory PEM bytes.
Supported by the tls-rustls backend only.
Fields
Pkcs12
PKCS #12 archive (certificate + key bundled) as DER bytes.
Supported by the tls-native backend only (OpenSSL / LibreSSL).
Load with:
ⓘ
let der = std::fs::read("/etc/noxu/identity.p12")?;
let identity = TlsIdentity::Pkcs12 { der, password: "secret".into() };Trait Implementations§
Source§impl Clone for TlsIdentity
impl Clone for TlsIdentity
Source§fn clone(&self) -> TlsIdentity
fn clone(&self) -> TlsIdentity
Returns a duplicate of the value. Read more
1.0.0 (const: unstable) · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from
source. Read moreAuto Trait Implementations§
impl Freeze for TlsIdentity
impl RefUnwindSafe for TlsIdentity
impl Send for TlsIdentity
impl Sync for TlsIdentity
impl Unpin for TlsIdentity
impl UnsafeUnpin for TlsIdentity
impl UnwindSafe for TlsIdentity
Blanket Implementations§
Source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
Source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value. Read more
Source§impl<T> CloneToUninit for Twhere
T: Clone,
impl<T> CloneToUninit for Twhere
T: Clone,
Source§impl<T> IntoEither for T
impl<T> IntoEither for T
Source§fn into_either(self, into_left: bool) -> Either<Self, Self>
fn into_either(self, into_left: bool) -> Either<Self, Self>
Converts
self into a Left variant of Either<Self, Self>
if into_left is true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read moreSource§fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
fn into_either_with<F>(self, into_left: F) -> Either<Self, Self>
Converts
self into a Left variant of Either<Self, Self>
if into_left(&self) returns true.
Converts self into a Right variant of Either<Self, Self>
otherwise. Read more