pub fn mtls_server(source: X509Source) -> ServerConfigBuilderExpand description
Convenience constructor for the mTLS server builder.
This creates a server builder with default settings:
- Authorization: accepts any SPIFFE ID (authentication only)
- Trust domain policy:
AnyInBundleSet(uses all bundles from the Workload API)
ยงExamples
use spiffe_rustls::{authorizer, mtls_server};
let source = spiffe::X509Source::new().await?;
// Using a convenience constructor - pass string literals directly
let server_config = mtls_server(source.clone())
.authorize(authorizer::trust_domains([
"example.org",
])?)
.build()?;
// Using a closure
let server_config = mtls_server(source.clone())
.authorize(|id: &spiffe::SpiffeId| id.path().starts_with("/api/"))
.build()?;
// Using the Any authorizer (default)
let server_config = mtls_server(source)
.authorize(authorizer::any())
.build()?;