[−][src]Trait rustls::ServerCertVerifier
Something that can verify a server certificate chain
Required methods
fn verify_server_cert(
&self,
roots: &RootCertStore,
presented_certs: &[Certificate],
dns_name: DNSNameRef,
ocsp_response: &[u8]
) -> Result<ServerCertVerified, TLSError>
&self,
roots: &RootCertStore,
presented_certs: &[Certificate],
dns_name: DNSNameRef,
ocsp_response: &[u8]
) -> Result<ServerCertVerified, TLSError>
Verify a the certificate chain presented_certs against the roots
configured in roots. Make sure that dns_name is quoted by
the top certificate in the chain.
Implementors
impl ServerCertVerifier for WebPKIVerifier[src]
fn verify_server_cert(
&self,
roots: &RootCertStore,
presented_certs: &[Certificate],
dns_name: DNSNameRef,
ocsp_response: &[u8]
) -> Result<ServerCertVerified, TLSError>[src]
&self,
roots: &RootCertStore,
presented_certs: &[Certificate],
dns_name: DNSNameRef,
ocsp_response: &[u8]
) -> Result<ServerCertVerified, TLSError>
Will verify the certificate is valid in the following ways:
- Signed by a trusted
RootCertStoreCA - Not Expired
- Valid for DNS entry
- OCSP data is present