pub struct Identity { /* private fields */ }
Expand description
Represents a private key and X509 cert as a client certificate.
Implementations
sourceimpl Identity
impl Identity
sourcepub fn from_pkcs12_der(der: &[u8], password: &str) -> Result<Identity>
pub fn from_pkcs12_der(der: &[u8], password: &str) -> Result<Identity>
Parses a DER-formatted PKCS #12 archive, using the specified password to decrypt the key.
The archive should contain a leaf certificate and its private key, as well any intermediate certificates that allow clients to build a chain to a trusted root. The chain certificates should be in order from the leaf certificate towards the root.
PKCS #12 archives typically have the file extension .p12
or .pfx
, and can be created
with the OpenSSL pkcs12
tool:
openssl pkcs12 -export -out identity.pfx -inkey key.pem -in cert.pem -certfile chain_certs.pem
Examples
let mut buf = Vec::new();
File::open("my-ident.pfx")?
.read_to_end(&mut buf)?;
let pkcs12 = reqwest::Identity::from_pkcs12_der(&buf, "my-privkey-password")?;
Optional
This requires the native-tls
Cargo feature enabled.
sourcepub fn from_pem(buf: &[u8]) -> Result<Identity>
pub fn from_pem(buf: &[u8]) -> Result<Identity>
Parses PEM encoded private key and certificate.
The input should contain a PEM encoded private key and at least one PEM encoded certificate.
Note: The private key must be in RSA, SEC1 Elliptic Curve or PKCS#8 format.
Examples
let mut buf = Vec::new();
File::open("my-ident.pem")?
.read_to_end(&mut buf)?;
let id = reqwest::Identity::from_pem(&buf)?;
Optional
This requires the rustls-tls(-...)
Cargo feature enabled.