Function mtls_server 

pub fn mtls_server(source: X509Source) -> ServerConfigBuilder

Constructor for the mTLS server builder.

Creates a server builder with default settings:

  • authorizer: authorizer::any, which accepts any authenticated SPIFFE ID from any trust domain accepted by the configured trust-domain policy. By default, this means every trust domain in the source bundle set.
  • trust-domain policy: TrustDomainPolicy::AnyInBundleSet, which accepts any trust domain present in the source bundle set

Production deployments should usually configure a more specific authorizer. Non-federated deployments should usually configure TrustDomainPolicy::LocalOnly.

Examples

use spiffe_rustls::{authorizer, mtls_server};

let source = spiffe::X509Source::new().await?;

let server_config = mtls_server(source)
    .authorize(authorizer::trust_domains(["example.org"])?)
    .build()?;
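
To see what the defaults permit when the bundle set includes a federated trust domain, the following added example (not code from spiffe_rustls or its documentation) models the two checks in plain Rust. `PolicyModel`, `AuthorizerModel`, `accepts` and the sample domain `partner.test` are hypothetical, and the behaviour of `LocalOnly` and `trust_domains` is assumed from their descriptions on this page.

```rust
use std::collections::HashSet;

// Simplified model of the two checks; illustrative types, NOT the spiffe_rustls API.
enum PolicyModel<'a> {
    AnyInBundleSet,     // any trust domain with a bundle in the source
    LocalOnly(&'a str), // assumption: only the named local trust domain
}

enum AuthorizerModel<'a> {
    Any,                         // any SPIFFE ID that passed the policy
    TrustDomains(&'a [&'a str]), // assumption: IDs from the listed domains only
}

/// Extract the trust domain from `spiffe://<trust-domain>/<path>`.
fn trust_domain(spiffe_id: &str) -> Option<&str> {
    let td = spiffe_id.strip_prefix("spiffe://")?.split('/').next()?;
    if td.is_empty() { None } else { Some(td) }
}

/// True if a peer presenting `id` would be accepted under the model.
fn accepts(bundles: &HashSet<&str>, policy: &PolicyModel, authz: &AuthorizerModel, id: &str) -> bool {
    let Some(td) = trust_domain(id) else { return false };
    // Check 1: the trust-domain policy limits which bundles may verify the peer.
    let policy_ok = match policy {
        PolicyModel::AnyInBundleSet => bundles.contains(td),
        PolicyModel::LocalOnly(local) => td == *local && bundles.contains(td),
    };
    // Check 2: the authorizer decides on the authenticated SPIFFE ID.
    let authz_ok = match authz {
        AuthorizerModel::Any => true,
        AuthorizerModel::TrustDomains(allowed) => allowed.contains(&td),
    };
    policy_ok && authz_ok
}

fn main() {
    // Constructed sample: bundle set with the local domain and one federated domain.
    let bundles = HashSet::from(["example.org", "partner.test"]);
    let peer = "spiffe://partner.test/batch";
    let local = ["example.org"];
    let defaults = accepts(&bundles, &PolicyModel::AnyInBundleSet, &AuthorizerModel::Any, peer);
    let hardened = accepts(&bundles, &PolicyModel::LocalOnly("example.org"),
                           &AuthorizerModel::TrustDomains(&local), peer);
    println!("federated peer accepted: defaults={defaults}, hardened={hardened}");
}
```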