pub struct CertificateResolver {
pub domains: TrieNode<Fingerprint>,
/* private fields */
}
Expand description
Parses and stores TLS certificates, makes them available to Rustls for TLS handshakes
the domains
TrieNode is an addressing system to resolve a certificate
for a given domain name.
Certificates are stored in a hashmap that may contain unreachable certificates if
no domain name points to it.
Fields§
§domains: TrieNode<Fingerprint>
routing one domain name to one certificate for fast resolving
Implementations§
Source§impl CertificateResolver
impl CertificateResolver
Sourcepub fn get_certificate(
&self,
fingerprint: &Fingerprint,
) -> Option<CertifiedKeyWrapper>
pub fn get_certificate( &self, fingerprint: &Fingerprint, ) -> Option<CertifiedKeyWrapper>
return the certificate in the Rustls-usable form
Sourcepub fn add_certificate(
&mut self,
add: &AddCertificate,
) -> Result<Fingerprint, CertificateResolverError>
pub fn add_certificate( &mut self, add: &AddCertificate, ) -> Result<Fingerprint, CertificateResolverError>
persist a certificate, after ensuring validity, and checking if it can replace another certificate. return the certificate fingerprint regardless of having inserted it or not
Sourcepub fn remove_certificate(
&mut self,
fingerprint: &Fingerprint,
) -> Result<(), CertificateResolverError>
pub fn remove_certificate( &mut self, fingerprint: &Fingerprint, ) -> Result<(), CertificateResolverError>
Delete a certificate from the resolver. May fail if there is no alternative for
Sourcepub fn replace_certificate(
&mut self,
replace: &ReplaceCertificate,
) -> Result<Fingerprint, CertificateResolverError>
pub fn replace_certificate( &mut self, replace: &ReplaceCertificate, ) -> Result<Fingerprint, CertificateResolverError>
Short-hand for add_certificate
and then remove_certificate
.
It is possible that the certificate will not be replaced, if the
new certificate does not match add_certificate
rules.