[−][src]Trait rustls::ServerCertVerifier
Something that can verify a server certificate chain
Required methods
fn verify_server_cert(
&self,
roots: &RootCertStore,
presented_certs: &[Certificate],
dns_name: DNSNameRef,
ocsp_response: &[u8]
) -> Result<ServerCertVerified, TLSError>
&self,
roots: &RootCertStore,
presented_certs: &[Certificate],
dns_name: DNSNameRef,
ocsp_response: &[u8]
) -> Result<ServerCertVerified, TLSError>
Verify a the certificate chain presented_certs
against the roots
configured in roots
. Make sure that dns_name
is quoted by
the top certificate in the chain.
Implementors
impl ServerCertVerifier for WebPKIVerifier
[src]
fn verify_server_cert(
&self,
roots: &RootCertStore,
presented_certs: &[Certificate],
dns_name: DNSNameRef,
ocsp_response: &[u8]
) -> Result<ServerCertVerified, TLSError>
[src]
&self,
roots: &RootCertStore,
presented_certs: &[Certificate],
dns_name: DNSNameRef,
ocsp_response: &[u8]
) -> Result<ServerCertVerified, TLSError>
Will verify the certificate is valid in the following ways:
- Signed by a trusted
RootCertStore
CA - Not Expired
- Valid for DNS entry
- OCSP data is present