pub trait TlsCertSource: Send + Sync {
// Required method
fn load(&self) -> Result<TlsMaterial, TlsError>;
// Provided methods
fn resolver(&self) -> Option<Arc<dyn ResolvesServerCert>> { ... }
fn client_verifier(&self) -> Option<Arc<dyn ClientCertVerifier>> { ... }
}Expand description
Source of the server’s TLS certificate material — the §4 boundary seam. FileCertSource
is the OPEN implementation; ACME/rotation/managed-PKI are enterprise implementations of
this same trait (the core depends only on the trait, never on the at-scale impl).
load() is the single-cert path (the OPEN baseline). The two defaulted hooks below are
additive extension points (compatible with the BOUNDARY §5 freeze, like
WafModule::structural()): an enterprise source overrides them to take over server-cert
resolution (hitless ACME rotation) or to require client certificates (mTLS / managed PKI),
while every existing impl keeps load() + no client auth unchanged.
Required Methods§
Sourcefn load(&self) -> Result<TlsMaterial, TlsError>
fn load(&self) -> Result<TlsMaterial, TlsError>
Load a single server certificate chain + key. Used unless Self::resolver
returns Some (in which case the core never calls this).
Provided Methods§
Sourcefn resolver(&self) -> Option<Arc<dyn ResolvesServerCert>>
fn resolver(&self) -> Option<Arc<dyn ResolvesServerCert>>
Optional dynamic server-cert resolver. When Some, the core builds the
ServerConfig with this resolver INSTEAD of load() (so the cert can rotate
at runtime without rebuilding the acceptor — enterprise hitless ACME), and
advertises the acme-tls/1 ALPN so an on-listener TLS-ALPN-01 challenge can
negotiate on the same port. Default None → the OPEN single-cert path.
Sourcefn client_verifier(&self) -> Option<Arc<dyn ClientCertVerifier>>
fn client_verifier(&self) -> Option<Arc<dyn ClientCertVerifier>>
Optional client-certificate verifier. When Some, the listener requires and
verifies client certificates (mTLS / managed PKI). Default None → no client
auth, exactly as before.
Dyn Compatibility§
This trait is dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety".